WO2009086422A1 - Apparatus and methods for trusted dissemination of information among a population of users in an open environment - Google Patents

Apparatus and methods for trusted dissemination of information among a population of users in an open environment Download PDF

Info

Publication number
WO2009086422A1
WO2009086422A1 PCT/US2008/088233 US2008088233W WO2009086422A1 WO 2009086422 A1 WO2009086422 A1 WO 2009086422A1 US 2008088233 W US2008088233 W US 2008088233W WO 2009086422 A1 WO2009086422 A1 WO 2009086422A1
Authority
WO
WIPO (PCT)
Prior art keywords
message
channel
node
dissemination
nodes
Prior art date
Application number
PCT/US2008/088233
Other languages
French (fr)
Inventor
Stuart B. Malin
Albert H. Pleus
William J. Ritger
George Allen Morris
Original Assignee
Gramcast, Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gramcast, Llc filed Critical Gramcast, Llc
Publication of WO2009086422A1 publication Critical patent/WO2009086422A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management

Definitions

  • a method and system for disseminating messages include providing a plurality of nodes and at least one channel host coupled with the nodes.
  • a node is configured to issue a first new message and/or receive a first received message pushed to the node without polling for the first received message.
  • the node may be configured to present the first received and/or first new message to user(s).
  • the node may be configured to store the first received and/or first new message.
  • the message originates at an originating node and terminates at a destination node.
  • Each of the channel host(s) corresponds to at least one channel.
  • the channel host(s) receive a second received message pushed to the channel host without polling for the second received message and issues a second new message.
  • the channel(s) disseminate the message between the plurality of nodes by receiving the second received message including content corresponding to the message and by issuing to the destination node and/or a portion of the at least one channel through which the message has not been conveyed the second new message.
  • the second new message includes a portion of the content.
  • the channel(s) allow for delivery of the content of the message to the destination node without requiring the destination node to be specified in the message by the originating node.
  • FIG. 1 is a diagrammatic representation of an exemplary embodiment of messaging system.
  • FIG. 2 depicts an exemplary embodiment of message dissemination system.
  • FIG. 3 depicts an exemplary embodiment of components of a dissemination node and aspects of message dissemination.
  • FIG. 4 depicts an exemplary embodiment of a dissemination node.
  • FIG. 5 depicts an exemplary embodiment of a process for keeping user identities private in message dissemination.
  • FIG. 6 depicts an exemplary embodiment of the role of message signatures in message dissemination and their handling by dissemination nodes.
  • FIG. 7 depicts an exemplary embodiment of a signature generating function.
  • FIG. 8 depicts an exemplary embodiment of a signature evaluating function.
  • FIG. 9 depicts an exemplary embodiment of the handling of message signatures in a dissemination channel host.
  • FIG. 10 depicts an exemplary embodiment of the establishment of a messaging relationship between a dissemination node and a dissemination channel.
  • FIG. 11 depicts operation of an exemplary embodiment of a channel host.
  • FIG. 12 depicts an exemplary embodiment of a delivery agent providing delivery services to other dissemination entities in a dissemination system.
  • FIG. 13 depicts an exemplary embodiment of a dissemination system.
  • FIG. 14 depicts an exemplary embodiment of a dissemination system.
  • FIG. 15 depicts an exemplary embodiment of a delivery agent.
  • FIG. 16 depicts an exemplary embodiment of the establishment of delivery services for a dissemination entity by a delivery agent.
  • FIG. 17 depicts an exemplary embodiment of the dissemination of a message-gram in a message dissemination system from a dissemination node to a dissemination channel host, where both apparatus have delivery service provided by delivery agents.
  • the exemplary embodiments relate to Information dissemination and message conveyance.
  • the following description is presented to enable one of ordinary skill in the art to make and use the invention and is provided in the context of a patent application and its requirements.
  • Various modifications to the exemplary embodiments and the generic principles and features described herein will be readily apparent.
  • the exemplary embodiments are mainly described in terms of particular methods and systems provided in particular implementations. However, the methods and systems will operate effectively in other implementations. Phrases such as "exemplary embodiment”, “one embodiment”, “another embodiment”, “exemplary embodiments”, and “other exemplary embodiments” may refer to the same or different embodiments.
  • the embodiments will be described with respect to systems and/or devices having certain components.
  • the systems and/or devices may include more or less components than those shown, and variations in the arrangement and type of the components may be made without departing from the scope of the invention.
  • the exemplary embodiments will also be described in the context of particular methods having certain steps. However, the method and system operate effectively for other methods having different and/or additional steps and steps in different orders that are not inconsistent with the exemplary embodiments. Thus, the method and system are not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features described herein.
  • the exemplary embodiments herein are mainly described in terms of particular systems provided in particular implementations. However, one of ordinary skill in the art will readily recognize that this method and system will operate effectively in other implementations.
  • the systems, devices, and networks usable with the present invention can take a number of different forms.
  • the method and system are described in the context of certain services being provided in particular components. However, one of ordinary skill in the art will recognize that in alternate embodiments, the services might be provided in different components.
  • the method and system are described in the context of particular devices and protocols, for example mobile telephony and Internet protocols. However, one of ordinary skill in the art will recognize that the method and system may be used with other devices and protocols.
  • the method and system will also be described in the context of particular methods having certain steps. However, the method and system operate effectively for other methods having different and/or additional steps not inconsistent with the method and system.
  • the exemplary embodiments provide a method and system for disseminating information.
  • the method and system include providing an apparatus containing an embedded transceiver that allows the apparatus to deliver message-grams to other such apparatus.
  • the delivery is with a high degree of trust, both in the reliability of the system and the integrity of message-grams passed between them.
  • a mechanism having a high degree of trust may provide safeguards for participant identity, may assure information consumers of the authenticity of received information, may increase the likelihood of receiving desirable (relevant) information, and/or may aid in assuring participants that they can avoid inundation by unwanted messages.
  • the method and system disclosed herein may be used to convey messages-grams, which are containers holding a structured collection of information items.
  • the use of structured information may allow a variety of software applications to inter-operate using the method and system.
  • Such application software applications may enable users to post and receive message-grams, and/or manage a collection of message-grams.
  • Such software applications may inherently process message-grams, either generating them for dissemination and/or processing ones that are received.
  • Such software applications may present a user interface to a human being and/or be driven by a programmatic entity, for example through an API (Application Programming
  • a messaging transceiver is a programmatic function able to interchange message-grams with other such transceivers. Although transceivers may have an exposed end-point address, some embodiments of the invention may be configured to limit access to an apparatus containing such a transceiver.
  • Transceivers may establish relationships with one or more other transceivers. Such relationships may enable a transceiver to issue message-grams to the other transceivers, permit receipt of message-grams from the other transceivers, or both.
  • a messaging apparatus is a device containing a messaging transceiver and thereby is able to convey message-grams with other such apparatus. Messaging apparatus may also contain one or more of a variety of application software that provide functionality in addition to that provided by the transceiver.
  • the messaging apparatus provides physical connectivity with a connection network, which connects a plurality of such messaging apparatus.
  • the embedded transceiver of a messaging apparatus conveys message-grams to and from other messaging apparatus via the physical connection.
  • the messaging node apparatus may be used to initiate the sending of message-grams and/or may be the terminus for the final delivery of sent message-gram.
  • the channel apparatus may intermediate conveyance of the message-gram between messaging node apparatus.
  • the channel apparatus may be considered to provide a channel through which message-grams flow between sender and recipient(s).
  • the messaging apparatus (directly, or by association with a contained messaging transceiver) may have exposed end-point addresses, but access to an apparatus may be limited.
  • the messaging transceivers may limit access to the application software functionality of the messaging apparatus.
  • the messaging transceiver may limit message-gram delivery to only other such other messaging transceivers as are authorized.
  • message-gram dissemination does not take place unless messaging apparatus have negotiated a relationship permitting message- gram conveyance between them.
  • the messaging apparatus may limit message-gram delivery to a sub-population of messaging apparatus.
  • message-grams from unauthorized messaging apparatus may be discarded or otherwise handled appropriately as being potentially unwanted and unwelcome, thereby reducing or eliminating "spam".
  • messaging apparatus may have intrinsic mechanisms for validating and authenticating message-grams as having come from the sender the message-gram claims to be from.
  • the messaging apparatus may filter message-grams based on evaluating such authenticity.
  • dissemination of message-grams among messaging apparatus may be trustable in that message-grams that are not authenticated as coming from the claimed originating messaging apparatus are discarded or otherwise handled appropriately as being potentially of fraudulent origin, thereby reducing or eliminating "spoofing".
  • the method and system include providing a message conveyance mechanism that may limit message delivery to between other certain apparatus, may have intrinsic capabilities for validating and authenticating messages, and may have intrinsic capabilities for limiting message dissemination between a given apparatus and a sub-population of other apparatus with which that apparatus has negotiated a relationship permitting message delivery.
  • numeric designation 10 may refer to any embodiment of a messaging apparatus including 10 (shown in detail in FIG. 1 ), 10a, 10b, and 10c.
  • alphanumeric designation 10a refers to a particular messaging apparatus 10a shown in detail.
  • FIG. 1 illustrates a schematic diagram of particular elements of an exemplary embodiment of a messaging apparatus 10 in the context of a messaging system 90.
  • Messaging system 90 includes a plurality of messaging apparatus 10, each of which is connected by transport connection 615 to connection a network 65.
  • transport connection 615 Through the network 65, messaging apparatus 10 are able to conduct inter-apparatus communications.
  • the physical nature and protocol methods used to establish transport connections 615 depend upon the nature of the embodiment of connection network 65.
  • transport connection 615 may be based upon Ethernet 802.11 , either wired or wireless, and may use the TCP/IP protocol stack or some other protocol stack to provide inter- apparatus communications.
  • aspects of the connection interface and portions of the protocol may be provided by device 12.
  • Device 12 provides an execution platform for the operation of messaging apparatus 10, which includes a messaging transceiver 100 and apparatus functionality 15.
  • device 12 is the same type of device for all interacting messaging apparatus 10.
  • device 12 varies throughout the messaging system 90.
  • the device 12 may vary markedly, such as cellular telephones and portable personal computers.
  • transport connection 615 may include gateways (not shown) that enable non-native devices to access network 65.
  • network 65 provides an infrastructure by which messaging apparatus 10 may convey messages between the apparatus 10.
  • messages take the form of message-grams 50.
  • Message-grams 50 are structured containers of information. Such structure may be achieved by any of a variety of mechanisms. Such mechanisms may include, but not be limited to, the use of XML, an in-stream tagging scheme, and/or serialization of data. As with the details of connection network 65 and transport connections 615, message-gram structure may vary. However, so that apparatus 10 may parse message-grams 50 passed between the apparatus 10, a consistent structure should be used by the messaging apparatus 10 of messaging system 90 that are intended to interact.
  • Messaging apparatus 10 contain messaging transceivers 100 that provide for the interoperable conveyance of message-grams 50 between messaging apparatus 10 of messaging system 90. As with details of message-gram structure, connection network, and transport connections, the implementation of messaging transceivers 100 may vary.
  • messaging apparatus 10 include apparatus functionality 15 that provides specific functionality that may be considered to distinguish one type of messaging apparatus 10 from another.
  • the messaging transceiver 100 and apparatus functionality 15 have distinct roles and so are partitioned and implemented as distinct elements.
  • at least some of the functions of transceiver 100 and apparatus functionality 15 are merged. Any such variation along a continuum of partitioning may be an embodiment, as long as any such construction provides for the interoperable conveyance of message-grams between messaging apparatus 10 of a messaging system 90.
  • both the messaging transceiver 100 and the apparatus functionality 15 may vary in accord with each device type. Again, as long as they inter-operate, even if through gateways (not shown), such messaging apparatus 10 may be part of a messaging system 90.
  • Each apparatus 10 has an identity 105 by which it is known to other messaging apparatus 10. Such identities are used to route messages between apparatus 10.
  • identity 105 may be associated with device 12.
  • identity 105 may be associated with messaging transceiver 100.
  • identity 105 is associated with apparatus functionality 15.
  • the identity 105 may be associated with some combination of the device 12, messaging transceiver 100 and apparatus functionality 15.
  • a single messaging apparatus 10 may have more than one identity 105. Such a plurality of identities is an important feature of certain embodiments of messaging apparatus 10.
  • Message-grams 50 are containers of structured information having fields 500, which contain different types of information. Some fields may have common semantic meaning to, and are used by, the messaging transceiver 100. Other fields may have common semantic meaning to, and are used by, the apparatus functionality 15. Some fields may have common semantic meaning to, and are used by, both transceiver 100 and functionality 15. Message-gram 50 may contain different numbers of, and types of, fields. This is shown in FIG. 1 by fields 500a, 500b, and 500c of message-gram 5Or and fields 50Oe, 50Of, 50Og, and 50Oh of message-gram 50s. As shown in FIG.1 , message-gram 5Or is conveyed from messaging apparatus 10a to messaging apparatus 10 by conveyance transaction 61Or.
  • message-gram 50s is conveyed from messaging apparatus 10 to messaging apparatus 10b by conveyance transaction 610s.
  • the actual route of a message-gram 50 conveyed between messaging apparatus 10 through connection network 65 may take a variety of pathways and travel through intermediary agents.
  • the conveyance of message-grams 5Or and 50s are represented by virtual conveyance pathways 66Or and 660s, respectively.
  • the particular pathway 660 is not important as long as the underlying conveyance conveys the content of message-grams 50 substantially unaltered from sender to recipient.
  • message-grams 50 are received at messaging transceiver 100 of messaging apparatus 10. Similarly, as shown by the origination of conveyance transaction 610s, message-grams 50 are also issued from messaging transceiver 100 of messaging apparatus 10. As implied by this, message-grams
  • message-grams 50 are conveyed from the messaging transceiver 100 of one messaging apparatus 10, and are received by the messaging transceiver 100 of another messaging apparatus 10. In some conveyances, message-grams 50 culminate at, and originate from, apparatus functionality 15. This is shown in FIG.1 by the destination of virtual conveyance pathway 66Or for message-gram 5Or and the origination of virtual conveyance pathway 660s for message-gram 50s. In other conveyances (not shown), the origination of an issued message-gram and the disposition of a received message-gram begin and end, respectively, with the messaging transceiver 100. In the embodiment shown in FIG. 1 , messaging transceiver 100 conveys message-grams originated by, and culminating at, apparatus functionality 15.
  • Dissemination system 90 includes a plurality of dissemination nodes 30, each having an identifier 305 that is unique in the dissemination system.
  • a dissemination node 30 may correspond to one type of messaging apparatus 10.
  • Each dissemination node 30 is connected by transport connection 615 to connection a network 65.
  • the physical nature and protocol methods used to establish transport connections 615 depend upon the nature of the embodiment of connection network 65. For example, in embodiments where connection network 65 is the Internet, transport connection 615 may be based upon Ethernet 802.11 , either wired or wireless, and the use of the TCP/IP protocol stack.
  • network 65 and connections 615 provide a mechanism for dissemination nodes to convey message-grams 50 between them.
  • Messages in the system 90 may be conveyed via message-grams 50.
  • Message-grams 50 are structured containers of information. Such structure may be achieved by any of a variety of mechanisms, such as, but not limited to the use of XML, an in-stream tagging scheme, and/or serialization of data.
  • message- gram structure may vary between embodiments of a dissemination system 90.
  • the dissemination entities of dissemination system 90 should use a consistent mechanism so that entities may parse message-grams conveyed between them.
  • a dissemination channel 810 is an abstraction instantiated in a dissemination channel host (not shown), and though dissemination channels are abstractions, their instantiations are nonetheless reachable through connection network 65.
  • a channel host 80 may also be considered to be a type of messaging apparatus 10.
  • node apparatus 30a has issued message-gram 50a for dissemination.
  • the message-gram 50a is delivered to dissemination channel 81Ox for dissemination to recipient nodes 30 selected by the channel 810.
  • an issuing node apparatus 30 does not specify the destination recipients. Instead, selection of recipients may be performed by the channel 810.
  • channel 81Ox has issued message-gram 50b to node 30b, and message-gram 50c to node 30c. Certain of original content provided by an originating node to a channel is copied into the message-grams issued by the channel.
  • some or all of the content provided by originating node 30a in message-gram 50a issued to channel 81Ox is copied by the channel into message-grams 50b and 50c.
  • connection network 65 may include a variety of pathways through intermediary agents.
  • the conveyance as presented in the figure is virtual.
  • the conveyance of message-grams 50a, 50b, and 50c is represented by virtual conveyance pathways 660a, 660b, and 660c, respectively.
  • the underlying conveyance mechanism may ensure that message-gram fields are conveyed fundamentally unaltered from sender entity to recipient entity.
  • conveyance of message- grams 50 may involve the establishing and maintaining dissemination relationships, discussed below, between the nodes 30a, 3b, and 30c, respectively, and the channel 810.
  • FIG. 3 shows an exemplary embodiment of aspects of message dissemination and components of dissemination node 30.
  • the node 30 provides transport connection 615 to connection network 65.
  • This connection 615 might be provided in a variety of ways.
  • three dissemination channels 81Ox, 81Oy, and 81Oz are accessible via the connection network 65.
  • dissemination entities including dissemination nodes 30, include transceiver 100, which provides functions that handle reception and issuance of message-grams 50.
  • the receipt of message-gram 5Or via conveyance transaction 61Or, and the issuance of message-gram 50s via conveyance transaction 610s represent the performance of these functions.
  • Message-grams 50 may be conveyed between dissemination entities 30 having an ability to inter-operate via a common protocol implementation of conveyance transaction 610.
  • the dissemination node 30 may further include messaging manager 300.
  • Such a messaging manager 300 is shown in FIG. 3.
  • the messaging manager 300 originates a message-gram 50 and/or handles a received message-gram 50.
  • message-grams 50 originated by messaging manager 300 are passed to transceiver 100 for conveyance, and message-grams 50 received by transceiver 100 are passed to messaging manager 300 for disposition.
  • Mechanisms for origination of message-grams 50 and for the disposition of message-grams 50 by messaging manager 300 vary based on the purpose or role of that dissemination node in the dissemination system.
  • a dissemination system 90 may contain multiple types of dissemination nodes. In some embodiments of a dissemination node 30, a user authors message-grams
  • messaging manager 300 may provide for interactions with the user.
  • messaging manager 300 may interact with programmatic instructions (e.g. a software program) that has authored content and to which the messaging manager delivers received message-grams. The programmatic instructions may then perform actions based upon the received message-grams.
  • dissemination node 30 acts on behalf of user 20. Interactions with user 20 are mediated by user interface 310, which conveys information between the user 20 and manager 300.
  • dissemination node 30 and a dissemination channel 810 in order for a dissemination node 30 and a dissemination channel 810 to conduct message-gram dissemination, they establish a dissemination relationship between them.
  • dissemination node 30 has established dissemination relationship 630a with dissemination channel 81Ox and dissemination relationship 630b with dissemination channel 81Oz. There is no such relationship between the dissemination node 30 and the dissemination channel 81Oy.
  • Manager 300 of dissemination node 30 establishes such relationships 630 with a dissemination channel 810.
  • another component of the dissemination node 30 may establish and/or manage such relationships 630.
  • a variety of information used by the manager 300 may be needed to be durable (i.e., available over time). Consequently, such information may be stored in data store 315. Such information may include messages that have been received from channels 810 and information about the channel(s) with which the dissemination node 30 has established a dissemination relationship
  • Each dissemination node 30 has an identity 305 that is unique within the context of the message dissemination system 90. Using the identity 305, other entities (not shown) in the system 90 can specify the specific node 30 as the recipient of message-grams 50 sent to the node 30. For example, as discussed above, a channel 810 may specify the identity 305 of the node 303 as a recipient of a particular message-gram 50. Similarly, other entities may utilize the identity
  • FIG. 4 shows an exemplary embodiment of a dissemination node 30 that provides symmetric messaging capabilities to user 20.
  • Symmetric in this regard refers to being able to both originate message- grams 50 and to handle received message-grams 50.
  • user interface 310 has aspects for each of these functions: authoring 3120 and presentation 3110.
  • a dissemination node 30 might be distinguished from other types of generally available message handling software tools (such as an email program or service) by the former's intrinsic organization, management, and presentation of messages associated with sources and destinations (e.g., dissemination channel(s) 810 for dissemination nodes 30).
  • an email program is symmetric (i.e., both originating and receiving messages)
  • messages are intrinsically managed in relation to the user's email address. In the case where a single email address is being managed, the user generally must handle organization of the messages.
  • an RSS reader does manage messages by source.
  • the RSS application is not symmetric. In other words, RSS readers do not provide mechanism for originating messages.
  • data store 315 may have data sets 3154 that hold messages sent to or received from channels 810. Such data sets may be organized by channel 810. Access to data sets 3154 distinguished by channel may be achieved by the use of one or more of a variety of data management techniques. As shown in the figure, datasets 3154a, 3154b, and 3154c contain message-grams associated with different dissemination channels. Such data set distinction may be an intrinsic organizing aspect of data store 315, or a virtual distinction given to enmeshed information that is distinguished by accessor mechanism(s) of data store 315.
  • Management by channel as an organizing principle may extend to the user interface.
  • the user interface 310 may present data to the user based upon the channel 810 from which the data is received.
  • user interface presentation 3110 includes four distinct output fields.
  • output field 3112a presents a list of dissemination channels 810 with which the dissemination node 30 has established a dissemination relationship.
  • output field 3112b is populated with a list of message-grams 50 associated with the selected channel 810.
  • output field 3112c is populated with content from the message-gram 50.
  • additional and/or third-party content such as advertisements
  • output field 3112d illustrates the ability of a dissemination node to present additional content that may be derived from or associated with a received message-gram, may be associated with the selected channel, and/or may have some other association.
  • the additional content may be acquired from external data source 25.
  • Data acquisition process 335 may acquire such external content based upon parameters specific to the embodiment of the node 30.
  • the message-gram may contain reference to the external content and/or the external data source 25. Processing of the message-gram may invoke data acquisition process 335, which acquires the external content.
  • the external content may be presented to the user via the user interface 310.
  • Authoring interface 3120 may allow a user to author a message-gram 50 and issue the message-gram 50 to a channel 810 for distribution.
  • Input fields 3122 allow for different types of data to be input.
  • input field 3122a specifies the destination dissemination channel 810.
  • Input field 3122b is the content of the message-gram 50, which may include sub-parts such as a headline as distinct from body copy.
  • Input field 3122c may be a reference to external content (such as advertising) that is to be displayed when the message-gram 50 is displayed by some other, functionally compatible dissemination node 30 that receives the authored message-gram 50.
  • message-gram content may be described in terms of a mark-up language, such as SGML, HTML, or XHTML so that message- grams conveyed from one dissemination node to another can be symmetric in presentation.
  • manager 300 may apply such mark-up so that user 20 need not enter mark-up codes.
  • input field 3122b of authoring interface 3120 may allow for entry of mark-up codes.
  • styling may be applied by user 20 using interface elements of the authoring interface 3120, and user interface 20 or manager 300 may translate such styling to corresponding mark-up codes. Any combination of these or other techniques that cause mark-up codes to be present in the message- gram content suffice.
  • presentation interface 3110 will render marked-up message-gram content for presentation to user 20 in output field 3112c.
  • Such rendering may be performed by an appropriate rendering engine.
  • message-grams may be coded with different mark-up schema.
  • the message-gram may have a field to indicate the particular mark-up schema, or the content contained in the content field may have instructions that specify the mark-up scheme.
  • FIG. 5 depicts an exemplary embodiment of a method and system that keeps private the identity of message dissemination nodes 30 in the dissemination of message-grams 50 in a message dissemination system 90.
  • dissemination node 30a has issued message-gram 50a to channel 810.
  • channel 810 has issued message-gram 50b to dissemination node 30b.
  • message-grams 50 contain fields 510, 520, 540, and 590, among other possible fields not shown.
  • channel 810 having identity 805
  • the channel host 80 is a dissemination entity, and is connected by transport connection 615e to connection network 65 in a manner harmonious with transport connections 615a and 615b by which the dissemination node are also connected.
  • Selector 800 provides the functional operation of channel 810 in channel host 80.
  • Message-gram 50a issued by node 30a, is delivered along virtual conveyance pathway 660a to selector 800 of channel host 80 for handling on behalf of dissemination channel 810.
  • message-gram 50a When message-gram 50a is issued, its destination field 510a is set with the identity of the destination channel, 805. Issuer's identity field 520a is set to the identity of the issuing dissemination node, 305a.
  • Message-gram content provided by the user of node 30a, is contained in content field 590a.
  • selector 800 acting as dissemination channel 810, selects which dissemination node(s) will receive message-grams 50 with the message content of the received message-gram 50a.
  • selector 800 has selected node 30b to receive the content of message-gram 50a.
  • selector 800 causes channel host 80 to issue message-gram 50b to node 30b.
  • Message content field 590b contains message content derived from content field 590a of the received message-gram 50a.
  • message-gram 50b is issued, its destination field 510b is set with identity 305b of the destination node 305b. Issuer's identity field 520b is set to the identity of the issuing channel, 805.
  • message-grams 50 further contain signature field 540 holding a value that is unique to the sending entity, the receiving entity, and the message-gram content. Such signatures can be tested for validity. When the signature is validated, the message-gram 50 is authenticated as having been truly sent by the claimed issuer as identified by issuer's identity field 520.
  • Dissemination apparatus 30/80 may use a message signature, contained in signature field 540, to validate the authenticity of message-grams 50 conveyed between them.
  • the signature generated for field 540 may be made specific to either or both the sender and/or the recipient.
  • Dissemination entities 30/80 may authenticate received message-grams 50 as having been issued by the claimed sender using such signatures. Authentication may be desired for several reasons. One is that because message-grams 50 potentially travel through intermediaries, they are subject to unauthorized or mistaken alteration. Another is that message-grams 50 may be received from an entity (that may or may not be a dissemination entity, not shown) with which the receiver does not have a relationship, and so such message-grams 50 may be unwanted.
  • a valid signature may not be developed. Thus such unwanted (“spam”) messages may be detected and discarded. Yet another reason is that a nefarious entity (that may or may not be a dissemination entity; not shown) but which has access to connection network 65 (either directly or indirectly), may issue message-grams 50 fraudulently claiming to be from some sender that they are not.
  • the use of signatures, depending upon the nature of the signature, may enable a recipient to detect and discard such falsely identified (“spoofed”) messages.
  • FIG. 6 shows an exemplary embodiment of a mechanism by which a message signature provides message integrity using message signatures.
  • Transceiver 100 receives and issues message-grams 50 for dissemination node 30 via message conveyance transactions 610.
  • Received message-grams 5Or have their signature, held in signature field 54Or, evaluated by a signature evaluating function.
  • Issued message-grams 50s have a signature generated by a signature generating function, and set into their signature field 540s.
  • message-gram 5Or is received by transceiver
  • Manager 300 invokes signature evaluating function 1356 of message processing software component 135 to evaluate the signature.
  • Signature evaluating function 1356 returns its assessment.
  • manager 300 calls signature generating function 1354 of message processing software component 135 to have a signature generated.
  • the signature is made a part of internal message-gram representation 52s.
  • the internal message-gram representation 52s is given to transceiver 100 for issuance, which sets signature field 540s of issued message-gram 50s to contain the generated signature.
  • the signature may be made specific to the destination of the message- gram 50.
  • information unique to that destination may be used in the generation of the signature.
  • information unique to that issuer may be used in the evaluation of the signature.
  • issuers and destinations may be dissemination channels 810.
  • the channel specific information used in signature evaluation and generation resides in per-channel data set 3154 of data store 315. The information in each such per-channel data set 3154 is associated with a particular channel.
  • Signature generating function 1354 and signature evaluating function 1356 may use virtually any type of signature algorithms, of which a variety of can be conceived.
  • the signature algorithms 1354 and 1356 may draw upon the various mechanisms of digital cryptography.
  • Signature generating and evaluating functions 1354 and 1356 correspond to and are interoperable among dissemination entities (such as dissemination nodes 30 and dissemination channel hosts 80) of a dissemination system 90 that are to convey message- grams between them.
  • dissemination entities such as dissemination nodes 30 and dissemination channel hosts 80
  • transceivers 100 may be made interoperable by having multiple signature generating and evaluating function pairs 1354 and 1356, and by having an ability to distinguish which pair is used for any given conveyance transaction.
  • some field(s) of the conveyed message-gram 50 indicating which algorithm has been used to generate the signature may be used to distinguish the signature function 1354 and 1356 pair.
  • dissemination entities containing such functionality may operate in a mixed population dissemination system.
  • the two functions 1354 and 1356 may be contained in message processing software component 135.
  • digital cryptography is used.
  • signature generating function 1354 generates a cryptographic signature for a message-gram 50.
  • signature evaluating function 1356 evaluates a received signature for validity.
  • any of a variety of techniques might be used to implement such symmetric pairs.
  • Digital cryptography is not necessary, but may lend powerful and efficacious security aspects.
  • signature generating function 1354 and signature evaluating function 1356 can be associated with the operation of transceiver 100.
  • the functionality may be managed outside of transceiver 100, as is the case of the approach depicted in the figure.
  • the functionality may be accessible to both transceiver 100 and other components of the dissemination node, such as manager 300.
  • FIG. 7 shows a flow diagram for an exemplary embodiment of a particular signature generating function 1354.
  • the particular signature generating function 1354 shown is presented for illustrative purposes, as any of a wide variety of functions may be used to validate the authenticity of messages passed between a sender and a recipient. The technique presented here is based upon the use of public key cryptography.
  • each dissemination entity (not shown) generates a key pair including a public key (not shown in FIG. 7) and a private key 2100.
  • private key 2100 is used to create cypher text used as signature 2540.
  • the signature 2540 is inserted into signature field 540 of message-gram 50.
  • the receiving apparatus may validate the signature 2540 by decrypting the received signature (contained in the signature field 540 of the received message-gram) using the issuing node's public key (not shown).
  • the receiving dissemination entity may presume validity if the decrypted cypher text derived from decrypting the signature obtained from the signature field of the message-gram 50 matches the text it generates from equivalent source content. Encryption/decryption of message-gram content alone is insufficient to validate authenticity (for example, a previously validly encrypted message could then be sent by a third party to a different recipient) at a later time).
  • One such approach to overcome this limitation shown in the figure, combines the destination dissemination entity's identity 105 with some content portion of the content 2590 of the issued message-gram.
  • a first step to combining the destination entity's identity 105 with the content portion 2590 is to concatenate them.
  • a second step may be to compute a digest of the concatenated combination, such as by applying the MD5 or the SHA-1 digest algorithms.
  • a digest By generating a digest, the original content of the combined elements are generally not recoverable from the digest.
  • This feature may be of value in other embodiments of the combining function that involve a shared secret known only to the issuing and receiving entity pair, because the shared secret must not be recoverable from the message-gram if intercepted in transit (otherwise the shared secret is compromised and no longer a secret).
  • the reason for using encryption is not to obscure the source content, but to enable the recipient to be assured that only an apparatus possessing the private key could have generated the message signature.
  • FIG. 8 shows a flow diagram for an exemplary embodiment of a signature evaluating function 1356 corresponding to signature generating function 1354 presented in FIG. 7.
  • Requisite data from received message-gram 50 may be provided to signature evaluating function 1356.
  • this data includes extracted signature 2542, a content portion 2590, and the identity 2520 of the issuer, as contained in fields 540, 590, and 520, respectively, of the received message gram 50.
  • the content portion 2590 is used with the issuer's identity 2520 for generating the clear text in the same manner that the generating function computes the signature 2542.
  • Message-grams 50 may contain an issuer's identity field 520 because a message-gram 50 may transit multiple dissemination entities during its conveyance from issuer to receiver.
  • the entity that actually delivered the message-gram may not be, and often is not, the originating issuer (whose identity is most often contained in field 520).
  • a nefariously constructed entity (which may or may not be a dissemination entity) can maliciously issue message-grams using a fraudulent identity.
  • the claimed identity of an issuer, or of an apparatus delivering a message-gram should not be trusted.
  • the claimed sender identity 2520 may be used to procure the issuer's public key 2115.
  • the public key may be maintained in some data store
  • the public key 2115 may be accessed using claimed sender identity 2520. If the issuer's public key 2115 is found, the evaluating function 1356 can be invoked to perform its calculation. However, not having the issuer's public key 2115 may be indicative of there being no established dissemination relationship between the issuer and the receiver. In such case, the message- gram 50 cannot be authenticated. In one embodiment, the message-gram 50 is then by default rejected and will not be passed to the apparatus functionality for handling. In another embodiment, the message-gram 50 is processed further, with limitations of action consequent to this condition. In yet another embodiment, certain actions are allowed in such situation, and a limited subset of message-gram types (such as request to establish a relationship) are permitted and processed.
  • the recipient's copy of the issuer's public key 2115 is used to decrypt signature 2542 extracted from the received message-gram 50.
  • the decrypted cypher text 2110 should be the same as the originally generated combining of the content portion 2590 and the issuer's identity 2520, or the digest thereof if a digest algorithm is applied by the signature generating function.
  • Signature evaluating function 1356 uses the same combining technique 2120 as is used in signature generating function 1354 to generate a combining target value.
  • FIG. 9 depicts an exemplary embodiment of the use of signature generating function 1354 and signature evaluating function 1356 in dissemination channel host 80 to provide complementary and compatible signature authentication with dissemination nodes.
  • the channel host 80 may include a transceiver 100.
  • the transceiver 100 receives and issues message-grams 50 for channel host 80 via message conveyance transactions 610.
  • Received message-grams 5Or have their signature field 54Or evaluated.
  • Issued message-grams 50s have a signature generated and set into their signature field 540s.
  • message-gram 5Or is received by transceiver 100, which creates internal message representation 52r.
  • the internal message representation 52r contains various fields of the received message-gram 5Or, including, especially, the message signature.
  • the internal message representation 502r is passed to selector 800, which authenticates message- grams before disseminating them to selected recipients. Selector 800 invokes signature evaluating function 1356 of message processing software component
  • Signature evaluating function 1356 returns its assessment.
  • the selector 800 may use other criteria to determine the recipients of the message-gram 5Or to be conveyed.
  • selector 800 calls signature generating function 1354 of message processing software component 135 to have a signature generated.
  • the generated signature is made a part of internal message representation 52s, which is given to transceiver 100 for issuance. This has the effect of causing signature field 540s of issued message-gram 50s to contain the generated signature.
  • issuers and destinations may include dissemination nodes 30 and other channels 810. Thus, node and/or channel specific information is used in signature evaluation and generation. This information may be kept in data store 815, for example in the data set 8154 associated with the particular node.
  • FIG. 10 shows an exemplary embodiment of the establishment of a dissemination relationship between a dissemination node 30 and a dissemination channel 810.
  • Dissemination node 30 issues a request to establish a messaging relationship by preparing and issuing message-gram 5Oq with request field 55Oq set to indicate the nature of the request.
  • dissemination node 30 further sets request data field 555q with its public key.
  • the dissemination node sets the destination identity field 51Oq to the identity of the specific channel 810 with which the node 30 is requesting to establish a relationship, and not the identity of the channel host 80 itself.
  • Request message-gram 5Oq is received by dissemination channel host 80 acting on behalf of any dissemination channel 810 it acts as.
  • Message-gram 5Oq does not have a signature field because there is no pre-existing relationship between dissemination node 30 and dissemination channel host 80 for the dissemination channel 810.
  • selector 800 accepts it because it contains request field 550 set to indicate the request to establish a dissemination relationship.
  • Selector 800 may apply any of a variety of acceptance criteria to determine whether or not to accept the request. Some embodiments may limit establishment of dissemination relationships to only certain dissemination nodes 30. One such means for limiting the establishment of a relationship is to require dissemination node 30 to supply a credential (that may of any variety of forms, one such example being a digital certificate) when making the dissemination relationship request. The presentation of a valid credential of a valid credential evidences the suitability of the requestor to establish the relationship.
  • Selector 800 prepares a response indicating whether or not the request was accepted, and causes message-gram 5Op to be issued to the requesting dissemination node 30.
  • Result field 57Op is set to indicate the disposition of the request (accepted or not). If accepted, and if an embodiment in which message- gram signatures are generated and evaluated with public key cryptography, the selector 800 may return a public key in message-gram data field 575p.
  • the public key returned is that of the channel 810 for which the request was made.
  • the mechanism may be adapted to effect interaction between dissemination nodes 30 and dissemination channels 810 or dissemination channel hosts 80 for a number of purposes. Other such purposes may include, but are not limited to, amending a dissemination relationship, and canceling such a relationship so that a dissemination channel 810 ceases issuing messages to a dissemination node that had been subscribed to that dissemination channel 810.
  • Information regarding dissemination nodes 30 with which a dissemination channel 810 has a relationship may be kept in data store 815 of channel host 80.
  • selector 800 determines which dissemination nodes 30 that have a relationship are issued message-grams 50, and may do so using attributes regarding the nodes.
  • the attributes of these dissemination nodes 30 may be maintained in data store field 8152.
  • Such attributes may include information about the relationship, such as whether a dissemination node 30 has the right to issue message-grams to some channel 810 serviced by channel host 80, and/or whether a dissemination node 30 has requested to receive message-grams issued by some channel 810 serviced by channel host 80.
  • Node-specific attributes may also be acquired from each dissemination node 30. Such information might describe the dissemination node
  • the latter category may include geographic (geocode, location), demographic (age, gender, income), and psychographic (interests, possessions, lifestyle) attributes of the user, some or all of which may be used by selector 800 in determining which dissemination nodes will receive re-issued instances of message-grams 50 originally issued to a dissemination channel. 810 for which the dissemination channel host provides service.
  • FIG. 11 depicts an exemplary embodiment of operation of selector 800 in using node attributes to constrain the selection of dissemination nodes 30 that receive messages issued by the selector 800 on behalf of dissemination channel 810.
  • message-gram 5Or has been posted to channel 810 of channel host 80 by some dissemination node (not shown) and reaches channel host 80 via conveyance transaction 610a.
  • Message-gram 5Or is conveyed to channel host 80 because its destination identity field 51Or specifies the identity 805 of channel 810, which is hosted by channel host 80.
  • Message-gram 5Or may contain redistribution parameters field 53Or, populated by the sending node, that specifies constraints for message-gram 50 dissemination.
  • Selection filter 825 of selector 800 uses these parameters to select nodes (not shown) that are subscribed to the channel 810 for receipt of a message-gram 50 containing the content of received message-gram 5Or. In some embodiments, selection filter 825 does this by selecting against attributes of each subscribed node as contained in node attributes data field 8152 of data store 815. The identities of nodes meeting the redistribution criteria, if any, are passed to message-generator 835 which constructs a message-gram 50s for each and causes the constructed message-gram 50s to be issued. Message-generator 835 instantiates each message-gram 50s, setting the destination identity field 510s to that of a selected node.
  • the message- generator 835 also sets content field 590s with content from the received message-gram 50r's content field 59Or.
  • the issuer's identity field 520s of issued message-grams 50s is set to the identity of the channel 805.
  • Message-grams, such as message-gram 50s, are issued to the destination node via execution of conveyance transaction 610b.
  • FIG. 12 shows an exemplary embodiment of a delivery agent 70 that may be used in a messaging dissemination system 90 to provide message-gram 50 delivery on behalf of other apparatus.
  • Delivery agent 70 may be used in a message-gram dissemination system 90 to provide reliable delivery of message- grams 50.
  • the delivery agent 70 may be used for dissemination nodes that may only be connected to the connection network 65 intermittently. When not connected, message-grams cannot be conveyed to dissemination node 30.
  • Delivery agent 70 is generally deployed to be ever present.
  • a delivery agent 70 accepts message-grams 50 from client nodes 30/80 and delivers or forwards them as appropriate. In addition, the delivery agent 70 queues message-grams that cannot be delivered when a destination node 30 is not available. Similarly, a delivery agent 70 receives message-grams 50 destined for a node, completes delivery when the node is available, or queues the message-gram 50 if the node is not available.
  • a message dissemination system 90 using delivery agent 70 consolidates the queuing function in the delivery agent 70. Other nodes may thereby be freed from having to deal with intermittent apparatus accessibility.
  • dissemination node 30a receives delivery service from delivery agent 70a, while dissemination node 30b receives delivery service from delivery agent 70b.
  • Message-gram 5Oe issued by dissemination node 30a destined for channel 810 is first conveyed to delivery agent 70a, which then further conveys a message-gram to the channel 810.
  • Delivery agent 70a does this by instantiating a new message-gram 5Of, which is functionally equivalent to message-gram 5Oe, and issues the new message-gram 5Of to dissemination channel 810.
  • delivery agent 70 may free other apparatus of the burden of storing or delivering message-grams based upon available of the destination apparatus.
  • delivery agent 70 may unburden their clients from having to select routes for message-grams.
  • Delivery agent 70 may accept all message- grams issued by their clients and handle the task of determining how to convey message-grams to or toward their destination.
  • channel 810 has issued message-gram 5Og to node 30b based upon its identity 305b.
  • the address resolution mechanism used in message dissemination system 90 is configured to resolve to the delivery agent 70 when queried for the address of an identity that is a client of a delivery agent.
  • the underlying conveyance mechanisms of connection network 65 causes message-gram 5Og to be conveyed to delivery agent 70b.
  • Delivery agent 70b then either delivers the message-gram to node 30b, if node 30b is available, or queues it for subsequent delivery.
  • Delivery agents 70 are aware of the availability of client apparatus because client apparatus establish services session 620 with the delivery agent
  • services session 620 is a persistent session, maintained beyond the duration of any single transaction. Hence, if a message-gram 50 arriving at a delivery agent 70 is destined for a client apparatus and the client apparatus has a services session, then the delivery agent 70 attempts to deliver the message-gram to the client apparatus.
  • message dissemination systems 90 may be push-based. In such cases, no apparatus needs to poll for messages, and the message dissemination system may present a much lower transaction burden to connection network 65 than would a polling-based system, such as POP in email. In another embodiment, push-based dissemination of messages might be facilitated by another component (not expressly shown in FIG. 12) of the dissemination system 90.
  • FIG.13 shows an exemplary embodiment of a message dissemination system 90 with a delivery agent 70 providing delivery service for the dissemination channel 810.
  • delivery agent 70c provides delivery services for channel host 80.
  • Message-gram 5Oj issued by node 30a, is conveyed along virtual conveyance pathway 660a from the node 30a to delivery agent 70a, thence as message-gram 50k to delivery agent 70c.
  • the delivery agent 70c delivers message-gram 5Ol to channel host 80, which provides dissemination for channel 810.
  • message-gram 50m issued by channel host 80 is conveyed by virtual conveyance pathway 660b first to delivery agent 70c, thence as message-gram 5On to delivery agent 70b, which delivers message-gram 5Oo to destination dissemination node 30b.
  • a message dissemination system 90 in which all dissemination node(s) 30 and channel host(s) 80 have message delivery handled by delivery agent 70 may provide significant benefits.
  • the details of message routing, delivery, and storage are confined to, and performed by, the delivery agents 70. This may make system design easier, maintenance more effective, and implementation architecturally more in tune with modern software and systems practices.
  • an ensemble of delivery agent aggregate to provide a managed infrastructure for message conveyance.
  • the delivery agents 70 may authorize nodes 30 and/or channel hosts 80 for access to the message dissemination system 90.
  • the nodes 30 and/or channel hosts 80 are only allowed to connect to, and thus receive and/or send messages through the message dissemination system 90, if the nodes 30 and/or hosts 80, respectively, are determined by the delivery agents to be valid.
  • FIG. 14 shows an exemplary embodiment of a message dissemination system 90 in which delivery agents (not separately depicted) are aggregated to provide message-gram delivery for all dissemination entities.
  • delivery agents (not separately depicted) are aggregated to provide message-gram delivery for all dissemination entities.
  • the collection of delivery agents acting in concert serve as a dissemination manifold 75 that manages the conveyance of message-grams between dissemination entities 10.
  • Dissemination manifold 75 routes message-grams between dissemination entities, regulates their flow, and queues messages for delivery when necessary.
  • message-gram 5Ot issued by dissemination entity
  • message-gram 5Ot is conveyed along virtual conveyance pathway 660.
  • the message-gram 5Ot is conveyed through dissemination manifold 75 is delivered as message-gram 5Ov to the destination dissemination entity 10b.
  • Message-gram 5Ov is functionally equivalent to message-gram 5Ot.
  • message-gram 5Ov and message-gram 5Ot may have much the same content.
  • message-gram 5Ot and message-gram 5Ov are distinct entities, and generally have different destination and issuer identities.
  • This perspective of a dissemination manifold 75 hides details of an implementation that are not overtly relevant to message-gram conveyance. Such hiding of details may be considered a hallmark of good software design. Conforming to this perspective may guide an embodiment of a message dissemination system 90 toward effective implementation. For example, from this perspective, message-gram conveyance is seen as an end-to-end transaction between dissemination nodes. Specifically, destination identities and issuer identities of conveyed message-grams must refer to dissemination entity 10 and not to the delivery agent that underlie the dissemination manifold.
  • FIG. 15 depicts an exemplary embodiment of a delivery agent 70 performing its role in a dissemination manifold 75.
  • messages-gram 5Ow is delivered via conveyance transaction 610a to message- gram transceiver 100 of the delivery agent 70.
  • Conveyor 700 processes the received message-gram 5Ow.
  • Client manager 745 maintains state information in client session status data field 7155 of data store 715 regarding the connection status of its client dissemination entity (not shown). If the destination dissemination entity is not available, the received message-gram 5Ow may be queued for delivery in stored messages data field 7158 of data store 715. If the destination entity is available, the message-gram is delivered.
  • a message-gram instance 5Ox is delivered via conveyance transaction
  • the fields of message-gram 5Ox are populated based on the content of received message-gram 5Ow.
  • the existence of the delivery agent 70 is transparent for message-grams 50 conveyed through to clients.
  • the destination identity field 510, issuer's identity field 520, and signature field 540 generally are not modified as this preserves the ability of the destination apparatus to validate the authenticity of the message in regard to its originating issuer.
  • Signatures may also be used by delivery agents with client apparatus to validate the client apparatus identity. In some embodiments, this is done with message-grams 50 used to establish a services session. An exemplary embodiment of this is shown in FIG. 16.
  • delivery agent 70 inherently trusts message-grams 50 conveyed through it on behalf of a client apparatus. This feature may not vitiate or weaken trustability of messages-grams 50 in a message dissemination system 90 because validation is performed between issuers and destinations. However, message-grams 50 received by a delivery agent 70 for delivery to a client are only delivered to that client. Therefore, delivery agents 70 may validate client identity before establishing a services session.
  • some dissemination entity 10 issues message-gram 5Oy initiating a request to establish a session.
  • Message-gram request field 505y is set to indicate this, making the conveyance of the message-gram 5Oy a session establishment request transaction 682.
  • the requesting dissemination entity 10 further supplies a signature for the request.
  • the signature is contained in signature field 54Oy.
  • the delivery agent 70 can validate the identity of the issuer, which the issuer has asserted in message-gram field 52Oy.
  • Transceiver 100 of delivery agent 70 passes internal message-gram representation 52y to client manager 745.
  • Client manager 745 then calls signature evaluating function 1356 of message processing software component 135, passing it requisite data as has earlier been described. If the signature does not validate, the session is not established. As a result, the dissemination entity would be precluded from joining a message dissemination system 90 to which the delivery agent 70 belongs. Should the signature be validated, client manager
  • Client manager 715 prepares a message-gram 50 to indicate whether the session request is accepted or not, populating internal message-gram representation 52z.
  • the message-gram internal representation 52z is passed to transceiver 100 for issuance as message-gram 5Oz.
  • the return of message- gram 5Oz to the requesting dissemination node 10 provides session establishment response 684.
  • Message-gram 5Oz has response field 515z set, indicating whether the session request has been accepted. Further, so that the dissemination entity 10 can trust that it has established a session with its authentic session service providing delivery agent, in some embodiments, the delivery agent 70 identifies itself. The delivery agent 70 may do so by setting issuer's identity field 52Oz and including a signature 54Op that was generated by signature generating function 1354.
  • a services session may thus be established. Once established, a services session provides for asynchronous, on-demand delivery of messages between the client dissemination entity 10 and its delivery agent 70.
  • FIG. 17 illustrates a schematic diagram of an exemplary embodiment of the interactions of dissemination entities of a dissemination system constructed in accordance with the method and system described herein.
  • messaging system 90 includes dissemination nodes 30a and
  • a dissemination channel host 80 providing service for some dissemination channel 810
  • delivery agents 7Oj and 70k all of which are connected by transport connection 615 to connection network 65.
  • Delivery agent 7Oj provides delivery service for both dissemination nodes 30a and 3Od, with which it has services session 620a and 62Od, respectively.
  • Delivery agent 70k provides delivery services for dissemination channel host 80, with which it has some services session 620.
  • dissemination node 30a has user 20a that is a programmatic entity.
  • User 20a authors content for a message-gram 50, specifies the destination channel 810, and calls manager 300a to originate the message-gram, which it does by invoking transceiver 100a. This results in the issuance of message-gram 5Ot, which is delivered via the delivery services of services session 620a to deliver agent 7Oj.
  • Conveyor 70Oj of delivery agent 7Oj determines that the delivery agent that provides delivery service for destination channel 810 is provided by delivery agent 70k, and so forwards message-gram
  • conveyor 700k of delivery agent 70k determines that it provides delivery services for the destination, channel 810, and so delivers message-gram 5Ov, derived from message-gram 5Ou, to channel host 80.
  • the selector 80Of may then handle the received message-gram.
  • the entire conveyance is depicted as virtual conveyance pathway 660.
  • the receiving channel host 80 may disseminate new message-grams to destination dissemination nodes, as selector 800 determines for channel 810.
  • the process of conveyance from dissemination host 80 to other dissemination nodes operates as described for conveyance in this figure.
  • a method and system for performing information dissemination, particularly in a trusted manner has been disclosed.
  • the method and system have been described in accordance with the embodiments shown.
  • an exemplary embodiment may be implemented using hardware, software, a computer readable medium containing program instructions, or a combination thereof.
  • Software written according to the present invention may be stored in some form of computer- readable medium, such as memory, a hard disk, or CD/DVD-ROM, and executed by a processor. Accordingly, many modifications may be made by one of ordinary skill in the art without departing from the spirit and scope of the method and system.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Human Resources & Organizations (AREA)
  • Operations Research (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Data Mining & Analysis (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A method and system for disseminating messages The method and system include providing a plurality of nodes and channel host(s) coupled with the nodes A node issues a message and/or receives a message pushed to the node without polling for the message The message originates at an originating node and terminates at a destination node Each of the channel host(s) corresponds to channel(s) and receive messages without polling for the message The channel(s) disseminate the message between the nodes by receiving a message including content corresponding to the message and by issuing to the destination node and/or channel(s) through which the message has not been conveyed a new message including a portion of the content The channel(s) allow for delivery of the content of the message to the destination node without requiring the destination node to be specified in the message

Description

APPARATUS AND METHODS FOR TRUSTED DISSEMINATION
OF INFORMATION AMONG A POPULATION OF USERS
IN AN OPEN ENVIRONMENT
BACKGROUND OF THE INVENTION
Electronic dissemination of information reduces distribution costs, increases distribution speed, and eliminates many distribution barriers. The Internet is a broadly adopted, universally accessible, electronic communications infrastructure, and so is a desirable environment in which to disseminate information. Mobile telephony provides delivery to people where they are. Consequently, such mechanisms for disseminating information have become ubiquitous. Bridges between the two technologies also exist.
Although the Internet and mobile telephony are useful in information delivery, both have drawbacks. Because both expose user end-point addresses to third parties, both environments may suffer from increasing volumes of spoofed and spammed content. This is because message delivery mechanisms designed for use in open environments generally are open in regard to the types of mechanisms which can interoperate, so long as the mechanisms conform to connection and delivery protocols. Attempting to mitigate the problems by the application of "fixes" is difficult, incomplete, and susceptible to bypass.
Consequently, another mechanism for information dissemination is desired.
BRIEF SUMMARY
A method and system for disseminating messages are described. The method and system include providing a plurality of nodes and at least one channel host coupled with the nodes. A node is configured to issue a first new message and/or receive a first received message pushed to the node without polling for the first received message. The node may be configured to present the first received and/or first new message to user(s). The node may be configured to store the first received and/or first new message. The message originates at an originating node and terminates at a destination node. Each of the channel host(s) corresponds to at least one channel. The channel host(s) receive a second received message pushed to the channel host without polling for the second received message and issues a second new message. The channel(s) disseminate the message between the plurality of nodes by receiving the second received message including content corresponding to the message and by issuing to the destination node and/or a portion of the at least one channel through which the message has not been conveyed the second new message. The second new message includes a portion of the content. The channel(s) allow for delivery of the content of the message to the destination node without requiring the destination node to be specified in the message by the originating node.
BRIEF DESCRIPTION OF SEVERAL VIEWS OF THE DRAWINGS
FIG. 1 is a diagrammatic representation of an exemplary embodiment of messaging system.
FIG. 2 depicts an exemplary embodiment of message dissemination system.
FIG. 3 depicts an exemplary embodiment of components of a dissemination node and aspects of message dissemination.
FIG. 4 depicts an exemplary embodiment of a dissemination node.
FIG. 5 depicts an exemplary embodiment of a process for keeping user identities private in message dissemination.
FIG. 6 depicts an exemplary embodiment of the role of message signatures in message dissemination and their handling by dissemination nodes.
FIG. 7 depicts an exemplary embodiment of a signature generating function. FIG. 8 depicts an exemplary embodiment of a signature evaluating function.
FIG. 9 depicts an exemplary embodiment of the handling of message signatures in a dissemination channel host.
FIG. 10 depicts an exemplary embodiment of the establishment of a messaging relationship between a dissemination node and a dissemination channel.
FIG. 11 depicts operation of an exemplary embodiment of a channel host.
FIG. 12 depicts an exemplary embodiment of a delivery agent providing delivery services to other dissemination entities in a dissemination system.
FIG. 13 depicts an exemplary embodiment of a dissemination system.
FIG. 14 depicts an exemplary embodiment of a dissemination system.
FIG. 15 depicts an exemplary embodiment of a delivery agent. FIG. 16 depicts an exemplary embodiment of the establishment of delivery services for a dissemination entity by a delivery agent.
FIG. 17 depicts an exemplary embodiment of the dissemination of a message-gram in a message dissemination system from a dissemination node to a dissemination channel host, where both apparatus have delivery service provided by delivery agents.
DETAILED DESCRIPTION OF THE INVENTION
The exemplary embodiments relate to Information dissemination and message conveyance. The following description is presented to enable one of ordinary skill in the art to make and use the invention and is provided in the context of a patent application and its requirements. Various modifications to the exemplary embodiments and the generic principles and features described herein will be readily apparent. The exemplary embodiments are mainly described in terms of particular methods and systems provided in particular implementations. However, the methods and systems will operate effectively in other implementations. Phrases such as "exemplary embodiment", "one embodiment", "another embodiment", "exemplary embodiments", and "other exemplary embodiments" may refer to the same or different embodiments. The embodiments will be described with respect to systems and/or devices having certain components. However, the systems and/or devices may include more or less components than those shown, and variations in the arrangement and type of the components may be made without departing from the scope of the invention. The exemplary embodiments will also be described in the context of particular methods having certain steps. However, the method and system operate effectively for other methods having different and/or additional steps and steps in different orders that are not inconsistent with the exemplary embodiments. Thus, the method and system are not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features described herein.
The exemplary embodiments herein are mainly described in terms of particular systems provided in particular implementations. However, one of ordinary skill in the art will readily recognize that this method and system will operate effectively in other implementations. For example, the systems, devices, and networks usable with the present invention can take a number of different forms. The method and system are described in the context of certain services being provided in particular components. However, one of ordinary skill in the art will recognize that in alternate embodiments, the services might be provided in different components. Similarly, the method and system are described in the context of particular devices and protocols, for example mobile telephony and Internet protocols. However, one of ordinary skill in the art will recognize that the method and system may be used with other devices and protocols. The method and system will also be described in the context of particular methods having certain steps. However, the method and system operate effectively for other methods having different and/or additional steps not inconsistent with the method and system.
The exemplary embodiments provide a method and system for disseminating information. In one exemplary embodiment, the method and system include providing an apparatus containing an embedded transceiver that allows the apparatus to deliver message-grams to other such apparatus. In some embodiments, the delivery is with a high degree of trust, both in the reliability of the system and the integrity of message-grams passed between them. A mechanism having a high degree of trust may provide safeguards for participant identity, may assure information consumers of the authenticity of received information, may increase the likelihood of receiving desirable (relevant) information, and/or may aid in assuring participants that they can avoid inundation by unwanted messages.
The method and system disclosed herein may be used to convey messages-grams, which are containers holding a structured collection of information items. The use of structured information may allow a variety of software applications to inter-operate using the method and system. Such application software applications may enable users to post and receive message-grams, and/or manage a collection of message-grams. Such software applications may inherently process message-grams, either generating them for dissemination and/or processing ones that are received. Such software applications may present a user interface to a human being and/or be driven by a programmatic entity, for example through an API (Application Programming
Interface).
A messaging transceiver is a programmatic function able to interchange message-grams with other such transceivers. Although transceivers may have an exposed end-point address, some embodiments of the invention may be configured to limit access to an apparatus containing such a transceiver.
Transceivers may establish relationships with one or more other transceivers. Such relationships may enable a transceiver to issue message-grams to the other transceivers, permit receipt of message-grams from the other transceivers, or both. A messaging apparatus is a device containing a messaging transceiver and thereby is able to convey message-grams with other such apparatus. Messaging apparatus may also contain one or more of a variety of application software that provide functionality in addition to that provided by the transceiver. The messaging apparatus provides physical connectivity with a connection network, which connects a plurality of such messaging apparatus. The embedded transceiver of a messaging apparatus conveys message-grams to and from other messaging apparatus via the physical connection.
In some embodiments, the messaging node apparatus may be used to initiate the sending of message-grams and/or may be the terminus for the final delivery of sent message-gram. In some embodiments, the channel apparatus may intermediate conveyance of the message-gram between messaging node apparatus. Thus, the channel apparatus may be considered to provide a channel through which message-grams flow between sender and recipient(s). The messaging apparatus, (directly, or by association with a contained messaging transceiver) may have exposed end-point addresses, but access to an apparatus may be limited. The messaging transceivers may limit access to the application software functionality of the messaging apparatus. The messaging transceiver may limit message-gram delivery to only other such other messaging transceivers as are authorized.
In one embodiment, message-gram dissemination does not take place unless messaging apparatus have negotiated a relationship permitting message- gram conveyance between them. Thus, the messaging apparatus may limit message-gram delivery to a sub-population of messaging apparatus. Further, message-grams from unauthorized messaging apparatus may be discarded or otherwise handled appropriately as being potentially unwanted and unwelcome, thereby reducing or eliminating "spam".
In another embodiment, messaging apparatus may have intrinsic mechanisms for validating and authenticating message-grams as having come from the sender the message-gram claims to be from. The messaging apparatus may filter message-grams based on evaluating such authenticity. Thus, dissemination of message-grams among messaging apparatus may be trustable in that message-grams that are not authenticated as coming from the claimed originating messaging apparatus are discarded or otherwise handled appropriately as being potentially of fraudulent origin, thereby reducing or eliminating "spoofing".
The method and system include providing a message conveyance mechanism that may limit message delivery to between other certain apparatus, may have intrinsic capabilities for validating and authenticating messages, and may have intrinsic capabilities for limiting message dissemination between a given apparatus and a sub-population of other apparatus with which that apparatus has negotiated a relationship permitting message delivery.
Turning to the drawings, wherein like components are designated by like reference numerals throughout the various figures. Note that for clarity, a numeric designation may be considered to refer to a one or more of a set of components, while an alphanumeric designation refers to a particular one of the components. For example, the numeric designation 10 may refer to any embodiment of a messaging apparatus including 10 (shown in detail in FIG. 1 ), 10a, 10b, and 10c. In contrast, the alphanumeric designation 10a refers to a particular messaging apparatus 10a shown in detail.
FIG. 1 illustrates a schematic diagram of particular elements of an exemplary embodiment of a messaging apparatus 10 in the context of a messaging system 90. Messaging system 90 includes a plurality of messaging apparatus 10, each of which is connected by transport connection 615 to connection a network 65. Through the network 65, messaging apparatus 10 are able to conduct inter-apparatus communications. The physical nature and protocol methods used to establish transport connections 615 depend upon the nature of the embodiment of connection network 65. For example, in embodiments where connection network 65 is the Internet, transport connection 615 may be based upon Ethernet 802.11 , either wired or wireless, and may use the TCP/IP protocol stack or some other protocol stack to provide inter- apparatus communications. In some embodiments of messaging apparatus 10, aspects of the connection interface and portions of the protocol may be provided by device 12.
Device 12 provides an execution platform for the operation of messaging apparatus 10, which includes a messaging transceiver 100 and apparatus functionality 15. In some embodiments, device 12 is the same type of device for all interacting messaging apparatus 10. In other embodiments, device 12 varies throughout the messaging system 90. In one such embodiment, the device 12 may vary markedly, such as cellular telephones and portable personal computers. In embodiments where the differences are significant, transport connection 615 may include gateways (not shown) that enable non-native devices to access network 65.
Although details of network 65 and connections 615 may vary, the network 65, with devices 12 able to establish connections 615 to the network 65, provides an infrastructure by which messaging apparatus 10 may convey messages between the apparatus 10. In some embodiments, such messages take the form of message-grams 50.
Message-grams 50 are structured containers of information. Such structure may be achieved by any of a variety of mechanisms. Such mechanisms may include, but not be limited to, the use of XML, an in-stream tagging scheme, and/or serialization of data. As with the details of connection network 65 and transport connections 615, message-gram structure may vary. However, so that apparatus 10 may parse message-grams 50 passed between the apparatus 10, a consistent structure should be used by the messaging apparatus 10 of messaging system 90 that are intended to interact.
Messaging apparatus 10 contain messaging transceivers 100 that provide for the interoperable conveyance of message-grams 50 between messaging apparatus 10 of messaging system 90. As with details of message-gram structure, connection network, and transport connections, the implementation of messaging transceivers 100 may vary.
In addition to messaging transceiver 100, messaging apparatus 10 include apparatus functionality 15 that provides specific functionality that may be considered to distinguish one type of messaging apparatus 10 from another. In one embodiment, the messaging transceiver 100 and apparatus functionality 15 have distinct roles and so are partitioned and implemented as distinct elements. In another embodiment, at least some of the functions of transceiver 100 and apparatus functionality 15 are merged. Any such variation along a continuum of partitioning may be an embodiment, as long as any such construction provides for the interoperable conveyance of message-grams between messaging apparatus 10 of a messaging system 90. Further, given the possible presence of different device types, both the messaging transceiver 100 and the apparatus functionality 15 may vary in accord with each device type. Again, as long as they inter-operate, even if through gateways (not shown), such messaging apparatus 10 may be part of a messaging system 90.
Messages, which may be in the form of message-grams 50, are conveyed between the messaging apparatus 10 via conveyance transaction 610. Each apparatus 10 has an identity 105 by which it is known to other messaging apparatus 10. Such identities are used to route messages between apparatus 10. In one embodiment of messaging apparatus 10, identity 105 may be associated with device 12. In another embodiment, identity 105 may be associated with messaging transceiver 100. In yet another embodiment, identity 105 is associated with apparatus functionality 15. In another embodiment, the identity 105 may be associated with some combination of the device 12, messaging transceiver 100 and apparatus functionality 15. In any of these embodiments, a single messaging apparatus 10 may have more than one identity 105. Such a plurality of identities is an important feature of certain embodiments of messaging apparatus 10. Message-grams 50 are containers of structured information having fields 500, which contain different types of information. Some fields may have common semantic meaning to, and are used by, the messaging transceiver 100. Other fields may have common semantic meaning to, and are used by, the apparatus functionality 15. Some fields may have common semantic meaning to, and are used by, both transceiver 100 and functionality 15. Message-gram 50 may contain different numbers of, and types of, fields. This is shown in FIG. 1 by fields 500a, 500b, and 500c of message-gram 5Or and fields 50Oe, 50Of, 50Og, and 50Oh of message-gram 50s. As shown in FIG.1 , message-gram 5Or is conveyed from messaging apparatus 10a to messaging apparatus 10 by conveyance transaction 61Or. Similarly, message-gram 50s is conveyed from messaging apparatus 10 to messaging apparatus 10b by conveyance transaction 610s. The actual route of a message-gram 50 conveyed between messaging apparatus 10 through connection network 65 may take a variety of pathways and travel through intermediary agents. As such, in the figure, the conveyance of message-grams 5Or and 50s are represented by virtual conveyance pathways 66Or and 660s, respectively. The particular pathway 660 is not important as long as the underlying conveyance conveys the content of message-grams 50 substantially unaltered from sender to recipient.
As further shown in FIG.1 by the destination of conveyance transaction 61Or, message-grams 50 are received at messaging transceiver 100 of messaging apparatus 10. Similarly, as shown by the origination of conveyance transaction 610s, message-grams 50 are also issued from messaging transceiver 100 of messaging apparatus 10. As implied by this, message-grams
50 are conveyed from the messaging transceiver 100 of one messaging apparatus 10, and are received by the messaging transceiver 100 of another messaging apparatus 10. In some conveyances, message-grams 50 culminate at, and originate from, apparatus functionality 15. This is shown in FIG.1 by the destination of virtual conveyance pathway 66Or for message-gram 5Or and the origination of virtual conveyance pathway 660s for message-gram 50s. In other conveyances (not shown), the origination of an issued message-gram and the disposition of a received message-gram begin and end, respectively, with the messaging transceiver 100. In the embodiment shown in FIG. 1 , messaging transceiver 100 conveys message-grams originated by, and culminating at, apparatus functionality 15.
Attention is now directed to FIG. 2 that shows another exemplary embodiment of a message dissemination system. Dissemination system 90 includes a plurality of dissemination nodes 30, each having an identifier 305 that is unique in the dissemination system. A dissemination node 30 may correspond to one type of messaging apparatus 10. Each dissemination node 30 is connected by transport connection 615 to connection a network 65. The physical nature and protocol methods used to establish transport connections 615 depend upon the nature of the embodiment of connection network 65. For example, in embodiments where connection network 65 is the Internet, transport connection 615 may be based upon Ethernet 802.11 , either wired or wireless, and the use of the TCP/IP protocol stack. Although particular details of network 65 and connections 615 may vary, the network 65 and connections 615 provide a mechanism for dissemination nodes to convey message-grams 50 between them. Messages in the system 90 may be conveyed via message-grams 50. Message-grams 50 are structured containers of information. Such structure may be achieved by any of a variety of mechanisms, such as, but not limited to the use of XML, an in-stream tagging scheme, and/or serialization of data. As with the details of connection network 65 and transport connections 615, message- gram structure may vary between embodiments of a dissemination system 90. However, the dissemination entities of dissemination system 90 should use a consistent mechanism so that entities may parse message-grams conveyed between them.
Message dissemination among dissemination nodes 30 in dissemination system 90 is intermediated by one or more dissemination channels 810. A dissemination channel 810 is an abstraction instantiated in a dissemination channel host (not shown), and though dissemination channels are abstractions, their instantiations are nonetheless reachable through connection network 65.
Further, as they may contain a transceiver (not shown in FIG. 2) and other functionality, a channel host 80 may also be considered to be a type of messaging apparatus 10. As shown in the figure, node apparatus 30a has issued message-gram 50a for dissemination. The message-gram 50a is delivered to dissemination channel 81Ox for dissemination to recipient nodes 30 selected by the channel 810. In one embodiment, an issuing node apparatus 30 does not specify the destination recipients. Instead, selection of recipients may be performed by the channel 810. As shown in the figure, channel 81Ox has issued message-gram 50b to node 30b, and message-gram 50c to node 30c. Certain of original content provided by an originating node to a channel is copied into the message-grams issued by the channel. As shown in the figure, some or all of the content provided by originating node 30a in message-gram 50a issued to channel 81Ox is copied by the channel into message-grams 50b and 50c.
The actual route of message-grams 50 conveyed between dissemination entities through connection network 65 may include a variety of pathways through intermediary agents. As such, the conveyance as presented in the figure is virtual. In the figure, the conveyance of message-grams 50a, 50b, and 50c is represented by virtual conveyance pathways 660a, 660b, and 660c, respectively. Regardless of the path, the underlying conveyance mechanism may ensure that message-gram fields are conveyed fundamentally unaltered from sender entity to recipient entity. Further, though not shown in FIG. 2, conveyance of message- grams 50 may involve the establishing and maintaining dissemination relationships, discussed below, between the nodes 30a, 3b, and 30c, respectively, and the channel 810.
Attention is now directed to FIG. 3 that shows an exemplary embodiment of aspects of message dissemination and components of dissemination node 30. The node 30 provides transport connection 615 to connection network 65. This connection 615 might be provided in a variety of ways. As shown in FIG. 3, three dissemination channels 81Ox, 81Oy, and 81Oz are accessible via the connection network 65.
In some embodiments, dissemination entities, including dissemination nodes 30, include transceiver 100, which provides functions that handle reception and issuance of message-grams 50. The receipt of message-gram 5Or via conveyance transaction 61Or, and the issuance of message-gram 50s via conveyance transaction 610s represent the performance of these functions. Message-grams 50 may be conveyed between dissemination entities 30 having an ability to inter-operate via a common protocol implementation of conveyance transaction 610.
In some embodiments, the dissemination node 30 may further include messaging manager 300. Such a messaging manager 300 is shown in FIG. 3.
The messaging manager 300 originates a message-gram 50 and/or handles a received message-gram 50. In an embodiment where transceiver 100 handles message conveyance, message-grams 50 originated by messaging manager 300 are passed to transceiver 100 for conveyance, and message-grams 50 received by transceiver 100 are passed to messaging manager 300 for disposition. Mechanisms for origination of message-grams 50 and for the disposition of message-grams 50 by messaging manager 300 vary based on the purpose or role of that dissemination node in the dissemination system. A dissemination system 90 may contain multiple types of dissemination nodes. In some embodiments of a dissemination node 30, a user authors message-grams
50 and received message-grams 50 are presented to the user. In such embodiments, messaging manager 300 may provide for interactions with the user. In other embodiments of a dissemination node 30, messaging manager 300 may interact with programmatic instructions (e.g. a software program) that has authored content and to which the messaging manager delivers received message-grams. The programmatic instructions may then perform actions based upon the received message-grams.
In the embodiment shown, dissemination node 30 acts on behalf of user 20. Interactions with user 20 are mediated by user interface 310, which conveys information between the user 20 and manager 300.
In some embodiments, in order for a dissemination node 30 and a dissemination channel 810 to conduct message-gram dissemination, they establish a dissemination relationship between them. As shown in the figure, dissemination node 30 has established dissemination relationship 630a with dissemination channel 81Ox and dissemination relationship 630b with dissemination channel 81Oz. There is no such relationship between the dissemination node 30 and the dissemination channel 81Oy. Manager 300 of dissemination node 30 establishes such relationships 630 with a dissemination channel 810. However, in another embodiment, another component of the dissemination node 30 may establish and/or manage such relationships 630.
One embodiment of a mechanism by which this may be done is explained below.
A variety of information used by the manager 300 may be needed to be durable (i.e., available over time). Consequently, such information may be stored in data store 315. Such information may include messages that have been received from channels 810 and information about the channel(s) with which the dissemination node 30 has established a dissemination relationship
630. Each dissemination node 30 has an identity 305 that is unique within the context of the message dissemination system 90. Using the identity 305, other entities (not shown) in the system 90 can specify the specific node 30 as the recipient of message-grams 50 sent to the node 30. For example, as discussed above, a channel 810 may specify the identity 305 of the node 303 as a recipient of a particular message-gram 50. Similarly, other entities may utilize the identity
305 to identify received messages as having come from the node 30.
Attention is now directed to FIG. 4 that shows an exemplary embodiment of a dissemination node 30 that provides symmetric messaging capabilities to user 20. Symmetric in this regard refers to being able to both originate message- grams 50 and to handle received message-grams 50. As shown in the figure, user interface 310 has aspects for each of these functions: authoring 3120 and presentation 3110.
In some embodiments, a dissemination node 30 might be distinguished from other types of generally available message handling software tools (such as an email program or service) by the former's intrinsic organization, management, and presentation of messages associated with sources and destinations (e.g., dissemination channel(s) 810 for dissemination nodes 30). In contrast, although an email program is symmetric (i.e., both originating and receiving messages), messages are intrinsically managed in relation to the user's email address. In the case where a single email address is being managed, the user generally must handle organization of the messages. In comparison, an RSS reader does manage messages by source. However, the RSS application is not symmetric. In other words, RSS readers do not provide mechanism for originating messages. In contrast to RSS and email, in some embodiments of dissemination node 30, management by channel(s) 810 is a fundamental and intrinsic organizing principle. To facilitate this aspect, data store 315 may have data sets 3154 that hold messages sent to or received from channels 810. Such data sets may be organized by channel 810. Access to data sets 3154 distinguished by channel may be achieved by the use of one or more of a variety of data management techniques. As shown in the figure, datasets 3154a, 3154b, and 3154c contain message-grams associated with different dissemination channels. Such data set distinction may be an intrinsic organizing aspect of data store 315, or a virtual distinction given to enmeshed information that is distinguished by accessor mechanism(s) of data store 315.
Management by channel as an organizing principle may extend to the user interface. Stated differently, the user interface 310 may present data to the user based upon the channel 810 from which the data is received. In the embodiment shown, user interface presentation 3110 includes four distinct output fields. For purposes of illustration, consider that output field 3112a presents a list of dissemination channels 810 with which the dissemination node 30 has established a dissemination relationship. When user 20 selects one of these channels 810, output field 3112b is populated with a list of message-grams 50 associated with the selected channel 810. When user 20 selects one of these message-grams 50, output field 3112c is populated with content from the message-gram 50.
In some embodiments, additional and/or third-party content, such as advertisements, may be presented to the user. As shown in the figure, output field 3112d illustrates the ability of a dissemination node to present additional content that may be derived from or associated with a received message-gram, may be associated with the selected channel, and/or may have some other association. In some embodiments, the additional content may be acquired from external data source 25. Data acquisition process 335 may acquire such external content based upon parameters specific to the embodiment of the node 30. For example, the message-gram may contain reference to the external content and/or the external data source 25. Processing of the message-gram may invoke data acquisition process 335, which acquires the external content. The external content may be presented to the user via the user interface 310.
Authoring interface 3120 may allow a user to author a message-gram 50 and issue the message-gram 50 to a channel 810 for distribution. Input fields 3122 allow for different types of data to be input. For illustrative purposes, as the types and organization of input fields of authoring interface 3120 can vary widely by embodiment, input field 3122a specifies the destination dissemination channel 810. Input field 3122b is the content of the message-gram 50, which may include sub-parts such as a headline as distinct from body copy. Input field 3122c may be a reference to external content (such as advertising) that is to be displayed when the message-gram 50 is displayed by some other, functionally compatible dissemination node 30 that receives the authored message-gram 50. In some embodiments, message-gram content may be described in terms of a mark-up language, such as SGML, HTML, or XHTML so that message- grams conveyed from one dissemination node to another can be symmetric in presentation. In some embodiments, manager 300 may apply such mark-up so that user 20 need not enter mark-up codes. In some embodiments, input field 3122b of authoring interface 3120 may allow for entry of mark-up codes. In yet other embodiments, styling may be applied by user 20 using interface elements of the authoring interface 3120, and user interface 20 or manager 300 may translate such styling to corresponding mark-up codes. Any combination of these or other techniques that cause mark-up codes to be present in the message- gram content suffice. In a symmetric manner, presentation interface 3110 will render marked-up message-gram content for presentation to user 20 in output field 3112c. Such rendering may be performed by an appropriate rendering engine. In some embodiments, message-grams may be coded with different mark-up schema. In such cases, the message-gram may have a field to indicate the particular mark-up schema, or the content contained in the content field may have instructions that specify the mark-up scheme.
FIG. 5 depicts an exemplary embodiment of a method and system that keeps private the identity of message dissemination nodes 30 in the dissemination of message-grams 50 in a message dissemination system 90. As shown in the FIG. 5, dissemination node 30a has issued message-gram 50a to channel 810. In response, channel 810 has issued message-gram 50b to dissemination node 30b. Shown also in the figure, message-grams 50 contain fields 510, 520, 540, and 590, among other possible fields not shown.
Also, as shown in the figure, channel 810, having identity 805, is given expression by channel host 80. The channel host 80 is a dissemination entity, and is connected by transport connection 615e to connection network 65 in a manner harmonious with transport connections 615a and 615b by which the dissemination node are also connected. Selector 800 provides the functional operation of channel 810 in channel host 80.
Message-gram 50a, issued by node 30a, is delivered along virtual conveyance pathway 660a to selector 800 of channel host 80 for handling on behalf of dissemination channel 810. When message-gram 50a is issued, its destination field 510a is set with the identity of the destination channel, 805. Issuer's identity field 520a is set to the identity of the issuing dissemination node, 305a. Message-gram content, provided by the user of node 30a, is contained in content field 590a.
In response to the receipt of message-gram 50a, selector 800, acting as dissemination channel 810, selects which dissemination node(s) will receive message-grams 50 with the message content of the received message-gram 50a. In the embodiment shown, selector 800 has selected node 30b to receive the content of message-gram 50a. To provide this content, selector 800 causes channel host 80 to issue message-gram 50b to node 30b. Message content field 590b contains message content derived from content field 590a of the received message-gram 50a. When message-gram 50b is issued, its destination field 510b is set with identity 305b of the destination node 305b. Issuer's identity field 520b is set to the identity of the issuing channel, 805.
By rewriting the destination identity field 510 and issuer's identity field 520, neither identity of the involved nodes, 30a and 30b, is revealed to the other node. Although the channel address is revealed to both nodes, this is acceptable because both nodes have dissemination relationships with the channel 810. This protection of user end-point addresses (e.g. identities) is beneficial but might be insufficient to adequately reduce unwanted messages. Further, hiding end-point addresses may not prevent the introduction by nefarious entities of fraudulent messages claiming to be authored by some other entity. To provide more complete protection from both unwanted messages and fraudulently identified message-grams 50, message-grams 50 further contain signature field 540 holding a value that is unique to the sending entity, the receiving entity, and the message-gram content. Such signatures can be tested for validity. When the signature is validated, the message-gram 50 is authenticated as having been truly sent by the claimed issuer as identified by issuer's identity field 520.
Dissemination apparatus 30/80 may use a message signature, contained in signature field 540, to validate the authenticity of message-grams 50 conveyed between them. In some embodiments, the signature generated for field 540 may be made specific to either or both the sender and/or the recipient.
In an embodiment where signatures are specific to both, the signature contained in signature field 540a of message-gram 50a would be specific to dissemination node 30a and dissemination channel 810. Similarly, the signature contained in signature field 540b of message-gram 50b would be specific to dissemination node 30b and dissemination channel 810. Dissemination entities 30/80 may authenticate received message-grams 50 as having been issued by the claimed sender using such signatures. Authentication may be desired for several reasons. One is that because message-grams 50 potentially travel through intermediaries, they are subject to unauthorized or mistaken alteration. Another is that message-grams 50 may be received from an entity (that may or may not be a dissemination entity, not shown) with which the receiver does not have a relationship, and so such message-grams 50 may be unwanted. Without a relationship, and depending upon the nature of the signature, a valid signature may not be developed. Thus such unwanted ("spam") messages may be detected and discarded. Yet another reason is that a nefarious entity (that may or may not be a dissemination entity; not shown) but which has access to connection network 65 (either directly or indirectly), may issue message-grams 50 fraudulently claiming to be from some sender that they are not. The use of signatures, depending upon the nature of the signature, may enable a recipient to detect and discard such falsely identified ("spoofed") messages.
FIG. 6 shows an exemplary embodiment of a mechanism by which a message signature provides message integrity using message signatures. Transceiver 100 receives and issues message-grams 50 for dissemination node 30 via message conveyance transactions 610. Received message-grams 5Or have their signature, held in signature field 54Or, evaluated by a signature evaluating function. Issued message-grams 50s have a signature generated by a signature generating function, and set into their signature field 540s. In the embodiment shown, message-gram 5Or is received by transceiver
100, which creates internal message representation 52r containing various fields of the received message-gram 5Or, including, especially, the message signature 540. The internal message representation 52r is passed to manager 300, which authenticates message-grams 50 before handling the message-grams 50 on behalf of the user. Manager 300 invokes signature evaluating function 1356 of message processing software component 135 to evaluate the signature. Signature evaluating function 1356 returns its assessment.
In the case of messages being originated by dissemination node 30, manager 300 calls signature generating function 1354 of message processing software component 135 to have a signature generated. The signature is made a part of internal message-gram representation 52s. The internal message-gram representation 52s is given to transceiver 100 for issuance, which sets signature field 540s of issued message-gram 50s to contain the generated signature.
The signature may be made specific to the destination of the message- gram 50. In generating a signature specific to a destination, information unique to that destination may be used in the generation of the signature. In evaluating a signature from a specific issuer, information unique to that issuer may be used in the evaluation of the signature. For a dissemination node 30, issuers and destinations may be dissemination channels 810. In one embodiment, the channel specific information used in signature evaluation and generation resides in per-channel data set 3154 of data store 315. The information in each such per-channel data set 3154 is associated with a particular channel.
Signature generating function 1354 and signature evaluating function 1356 may use virtually any type of signature algorithms, of which a variety of can be conceived. For example, the signature algorithms 1354 and 1356 may draw upon the various mechanisms of digital cryptography. Signature generating and evaluating functions 1354 and 1356 correspond to and are interoperable among dissemination entities (such as dissemination nodes 30 and dissemination channel hosts 80) of a dissemination system 90 that are to convey message- grams between them. In a dissemination system 90 having multiple, distinct sub populations of dissemination entries, transceivers 100 may be made interoperable by having multiple signature generating and evaluating function pairs 1354 and 1356, and by having an ability to distinguish which pair is used for any given conveyance transaction. For instance, some field(s) of the conveyed message-gram 50 indicating which algorithm has been used to generate the signature may be used to distinguish the signature function 1354 and 1356 pair. In this manner, dissemination entities containing such functionality may operate in a mixed population dissemination system. As shown in the figure, the two functions 1354 and 1356 may be contained in message processing software component 135. In one embodiment, digital cryptography is used. In such an embodiment, signature generating function 1354 generates a cryptographic signature for a message-gram 50. Similarly, signature evaluating function 1356 evaluates a received signature for validity. In some embodiments, any of a variety of techniques might be used to implement such symmetric pairs. Digital cryptography is not necessary, but may lend powerful and efficacious security aspects. In some embodiments, signature generating function 1354 and signature evaluating function 1356 can be associated with the operation of transceiver 100. In other embodiments the functionality may be managed outside of transceiver 100, as is the case of the approach depicted in the figure. In yet other embodiments, the functionality may be accessible to both transceiver 100 and other components of the dissemination node, such as manager 300. FIG. 7 shows a flow diagram for an exemplary embodiment of a particular signature generating function 1354. The particular signature generating function 1354 shown is presented for illustrative purposes, as any of a wide variety of functions may be used to validate the authenticity of messages passed between a sender and a recipient. The technique presented here is based upon the use of public key cryptography. In order to participate in a messaging system using this technique, each dissemination entity (not shown) generates a key pair including a public key (not shown in FIG. 7) and a private key 2100. As shown in the figure, private key 2100 is used to create cypher text used as signature 2540. The signature 2540 is inserted into signature field 540 of message-gram 50. The receiving apparatus (node 30, channel 80, or some other apparatus not shown) may validate the signature 2540 by decrypting the received signature (contained in the signature field 540 of the received message-gram) using the issuing node's public key (not shown). As both the issuing and receiving dissemination entity 10/30/80 use a common technique to generate the source content that is encrypted, the receiving dissemination entity may presume validity if the decrypted cypher text derived from decrypting the signature obtained from the signature field of the message-gram 50 matches the text it generates from equivalent source content. Encryption/decryption of message-gram content alone is insufficient to validate authenticity (for example, a previously validly encrypted message could then be sent by a third party to a different recipient) at a later time). One such approach to overcome this limitation, shown in the figure, combines the destination dissemination entity's identity 105 with some content portion of the content 2590 of the issued message-gram. A first step to combining the destination entity's identity 105 with the content portion 2590 is to concatenate them. A second step may be to compute a digest of the concatenated combination, such as by applying the MD5 or the SHA-1 digest algorithms. By generating a digest, the original content of the combined elements are generally not recoverable from the digest. This feature may be of value in other embodiments of the combining function that involve a shared secret known only to the issuing and receiving entity pair, because the shared secret must not be recoverable from the message-gram if intercepted in transit (otherwise the shared secret is compromised and no longer a secret). The reason for using encryption is not to obscure the source content, but to enable the recipient to be assured that only an apparatus possessing the private key could have generated the message signature.
FIG. 8 shows a flow diagram for an exemplary embodiment of a signature evaluating function 1356 corresponding to signature generating function 1354 presented in FIG. 7. Requisite data from received message-gram 50 may be provided to signature evaluating function 1356. In one embodiment, this data includes extracted signature 2542, a content portion 2590, and the identity 2520 of the issuer, as contained in fields 540, 590, and 520, respectively, of the received message gram 50. The content portion 2590 is used with the issuer's identity 2520 for generating the clear text in the same manner that the generating function computes the signature 2542. Message-grams 50 may contain an issuer's identity field 520 because a message-gram 50 may transit multiple dissemination entities during its conveyance from issuer to receiver. Thus, the entity that actually delivered the message-gram may not be, and often is not, the originating issuer (whose identity is most often contained in field 520). Further, a nefariously constructed entity (which may or may not be a dissemination entity) can maliciously issue message-grams using a fraudulent identity. Hence, the claimed identity of an issuer, or of an apparatus delivering a message-gram, should not be trusted.
The claimed sender identity 2520 may be used to procure the issuer's public key 2115. For other apparatus with which the receiving apparatus has a dissemination relationship, the public key may be maintained in some data store
(not shown). The public key 2115 may be accessed using claimed sender identity 2520. If the issuer's public key 2115 is found, the evaluating function 1356 can be invoked to perform its calculation. However, not having the issuer's public key 2115 may be indicative of there being no established dissemination relationship between the issuer and the receiver. In such case, the message- gram 50 cannot be authenticated. In one embodiment, the message-gram 50 is then by default rejected and will not be passed to the apparatus functionality for handling. In another embodiment, the message-gram 50 is processed further, with limitations of action consequent to this condition. In yet another embodiment, certain actions are allowed in such situation, and a limited subset of message-gram types (such as request to establish a relationship) are permitted and processed.
For message-grams 50 from a sender with claimed identity for which there is a dissemination relationship, the recipient's copy of the issuer's public key 2115 is used to decrypt signature 2542 extracted from the received message-gram 50. For an authentic message-gram (one in which the signature has been encrypted by the private key of the claimed sender), the decrypted cypher text 2110 should be the same as the originally generated combining of the content portion 2590 and the issuer's identity 2520, or the digest thereof if a digest algorithm is applied by the signature generating function. Signature evaluating function 1356 uses the same combining technique 2120 as is used in signature generating function 1354 to generate a combining target value. This target value is tested for identicality with the decrypted cypher text 2110 by comparator 2180, which produced Boolean result 2130. If the values are identical, the message-gram 50 may be treated as authentic. Otherwise the message-gram 50 may be disposed of or otherwise handled in accord with its unverified condition and its specific type. FIG. 9 depicts an exemplary embodiment of the use of signature generating function 1354 and signature evaluating function 1356 in dissemination channel host 80 to provide complementary and compatible signature authentication with dissemination nodes.
The channel host 80 may include a transceiver 100. The transceiver 100 receives and issues message-grams 50 for channel host 80 via message conveyance transactions 610. Received message-grams 5Or have their signature field 54Or evaluated. Issued message-grams 50s have a signature generated and set into their signature field 540s.
As shown in the figure, message-gram 5Or is received by transceiver 100, which creates internal message representation 52r. The internal message representation 52r contains various fields of the received message-gram 5Or, including, especially, the message signature. The internal message representation 502r is passed to selector 800, which authenticates message- grams before disseminating them to selected recipients. Selector 800 invokes signature evaluating function 1356 of message processing software component
135 to have the signature evaluated. Signature evaluating function 1356 returns its assessment. In another embodiment, the selector 800 may use other criteria to determine the recipients of the message-gram 5Or to be conveyed.
In the case of message-grams 50 originated by dissemination channel host 80, selector 800 calls signature generating function 1354 of message processing software component 135 to have a signature generated. The generated signature is made a part of internal message representation 52s, which is given to transceiver 100 for issuance. This has the effect of causing signature field 540s of issued message-gram 50s to contain the generated signature.
In the case of dissemination channel hosts using signature generating function 1354, the private key associated with the channel 810, not the host itself, is used.
In generating a signature specific to a destination, information unique to that destination is used in the generation of the signature. In evaluating a signature from a specific issuer, information unique to that issuer is used in the evaluation of the signature. For channels 810, issuers and destinations may include dissemination nodes 30 and other channels 810. Thus, node and/or channel specific information is used in signature evaluation and generation. This information may be kept in data store 815, for example in the data set 8154 associated with the particular node.
FIG. 10 shows an exemplary embodiment of the establishment of a dissemination relationship between a dissemination node 30 and a dissemination channel 810.
Dissemination node 30 issues a request to establish a messaging relationship by preparing and issuing message-gram 5Oq with request field 55Oq set to indicate the nature of the request. In embodiments in which message- gram signatures are generated and evaluated with public key cryptography, dissemination node 30 further sets request data field 555q with its public key.
For an embodiment of dissemination channel host 80 that provides multiple channels 810, the dissemination node sets the destination identity field 51Oq to the identity of the specific channel 810 with which the node 30 is requesting to establish a relationship, and not the identity of the channel host 80 itself.
Request message-gram 5Oq is received by dissemination channel host 80 acting on behalf of any dissemination channel 810 it acts as. Message-gram 5Oq does not have a signature field because there is no pre-existing relationship between dissemination node 30 and dissemination channel host 80 for the dissemination channel 810. In spite of the message-gram 5Oq not having a signature, selector 800 accepts it because it contains request field 550 set to indicate the request to establish a dissemination relationship.
Selector 800 may apply any of a variety of acceptance criteria to determine whether or not to accept the request. Some embodiments may limit establishment of dissemination relationships to only certain dissemination nodes 30. One such means for limiting the establishment of a relationship is to require dissemination node 30 to supply a credential (that may of any variety of forms, one such example being a digital certificate) when making the dissemination relationship request. The presentation of a valid credential of a valid credential evidences the suitability of the requestor to establish the relationship.
Selector 800 prepares a response indicating whether or not the request was accepted, and causes message-gram 5Op to be issued to the requesting dissemination node 30. Result field 57Op is set to indicate the disposition of the request (accepted or not). If accepted, and if an embodiment in which message- gram signatures are generated and evaluated with public key cryptography, the selector 800 may return a public key in message-gram data field 575p. For an embodiment of dissemination channel host 80 that provides multiple dissemination channels 810, the public key returned is that of the channel 810 for which the request was made.
By this transaction, not only is a dissemination relationship established, but also public keys associated with signature generation may be exchanged. Numerous variations of the mechanisms disclosed here may be made based on specific application requirements. Further, the mechanism may be adapted to effect interaction between dissemination nodes 30 and dissemination channels 810 or dissemination channel hosts 80 for a number of purposes. Other such purposes may include, but are not limited to, amending a dissemination relationship, and canceling such a relationship so that a dissemination channel 810 ceases issuing messages to a dissemination node that had been subscribed to that dissemination channel 810.
Information regarding dissemination nodes 30 with which a dissemination channel 810 has a relationship may be kept in data store 815 of channel host 80. For example, in some embodiments, selector 800 determines which dissemination nodes 30 that have a relationship are issued message-grams 50, and may do so using attributes regarding the nodes. The attributes of these dissemination nodes 30 may be maintained in data store field 8152. Such attributes may include information about the relationship, such as whether a dissemination node 30 has the right to issue message-grams to some channel 810 serviced by channel host 80, and/or whether a dissemination node 30 has requested to receive message-grams issued by some channel 810 serviced by channel host 80. Node-specific attributes may also be acquired from each dissemination node 30. Such information might describe the dissemination node
30 itself and/or the user of the node. The latter category may include geographic (geocode, location), demographic (age, gender, income), and psychographic (interests, possessions, lifestyle) attributes of the user, some or all of which may be used by selector 800 in determining which dissemination nodes will receive re-issued instances of message-grams 50 originally issued to a dissemination channel. 810 for which the dissemination channel host provides service.
FIG. 11 depicts an exemplary embodiment of operation of selector 800 in using node attributes to constrain the selection of dissemination nodes 30 that receive messages issued by the selector 800 on behalf of dissemination channel 810. As shown in the figure, message-gram 5Or has been posted to channel 810 of channel host 80 by some dissemination node (not shown) and reaches channel host 80 via conveyance transaction 610a. Message-gram 5Or is conveyed to channel host 80 because its destination identity field 51Or specifies the identity 805 of channel 810, which is hosted by channel host 80. Message-gram 5Or may contain redistribution parameters field 53Or, populated by the sending node, that specifies constraints for message-gram 50 dissemination. Selection filter 825 of selector 800 uses these parameters to select nodes (not shown) that are subscribed to the channel 810 for receipt of a message-gram 50 containing the content of received message-gram 5Or. In some embodiments, selection filter 825 does this by selecting against attributes of each subscribed node as contained in node attributes data field 8152 of data store 815. The identities of nodes meeting the redistribution criteria, if any, are passed to message-generator 835 which constructs a message-gram 50s for each and causes the constructed message-gram 50s to be issued. Message-generator 835 instantiates each message-gram 50s, setting the destination identity field 510s to that of a selected node. The message- generator 835 also sets content field 590s with content from the received message-gram 50r's content field 59Or. The issuer's identity field 520s of issued message-grams 50s is set to the identity of the channel 805. Message-grams, such as message-gram 50s, are issued to the destination node via execution of conveyance transaction 610b.
FIG. 12 shows an exemplary embodiment of a delivery agent 70 that may be used in a messaging dissemination system 90 to provide message-gram 50 delivery on behalf of other apparatus. Delivery agent 70 may be used in a message-gram dissemination system 90 to provide reliable delivery of message- grams 50. The delivery agent 70 may be used for dissemination nodes that may only be connected to the connection network 65 intermittently. When not connected, message-grams cannot be conveyed to dissemination node 30.
Delivery agent 70 is generally deployed to be ever present. A delivery agent 70 accepts message-grams 50 from client nodes 30/80 and delivers or forwards them as appropriate. In addition, the delivery agent 70 queues message-grams that cannot be delivered when a destination node 30 is not available. Similarly, a delivery agent 70 receives message-grams 50 destined for a node, completes delivery when the node is available, or queues the message-gram 50 if the node is not available. A message dissemination system 90 using delivery agent 70 consolidates the queuing function in the delivery agent 70. Other nodes may thereby be freed from having to deal with intermittent apparatus accessibility. As shown in the figure, dissemination node 30a receives delivery service from delivery agent 70a, while dissemination node 30b receives delivery service from delivery agent 70b. Message-gram 5Oe issued by dissemination node 30a destined for channel 810 is first conveyed to delivery agent 70a, which then further conveys a message-gram to the channel 810. Delivery agent 70a does this by instantiating a new message-gram 5Of, which is functionally equivalent to message-gram 5Oe, and issues the new message-gram 5Of to dissemination channel 810.
Thus, use of the delivery agent 70 may free other apparatus of the burden of storing or delivering message-grams based upon available of the destination apparatus. In addition, delivery agent 70 may unburden their clients from having to select routes for message-grams. Delivery agent 70 may accept all message- grams issued by their clients and handle the task of determining how to convey message-grams to or toward their destination. As shown in FIG. 12, channel 810 has issued message-gram 5Og to node 30b based upon its identity 305b. The address resolution mechanism used in message dissemination system 90 is configured to resolve to the delivery agent 70 when queried for the address of an identity that is a client of a delivery agent. Hence, the underlying conveyance mechanisms of connection network 65 causes message-gram 5Og to be conveyed to delivery agent 70b. Delivery agent 70b then either delivers the message-gram to node 30b, if node 30b is available, or queues it for subsequent delivery.
Delivery agents 70 are aware of the availability of client apparatus because client apparatus establish services session 620 with the delivery agent
70 when they are available. In some embodiments, services session 620 is a persistent session, maintained beyond the duration of any single transaction. Hence, if a message-gram 50 arriving at a delivery agent 70 is destined for a client apparatus and the client apparatus has a services session, then the delivery agent 70 attempts to deliver the message-gram to the client apparatus.
In this regard, message dissemination systems 90 may be push-based. In such cases, no apparatus needs to poll for messages, and the message dissemination system may present a much lower transaction burden to connection network 65 than would a polling-based system, such as POP in email. In another embodiment, push-based dissemination of messages might be facilitated by another component (not expressly shown in FIG. 12) of the dissemination system 90.
FIG.13 shows an exemplary embodiment of a message dissemination system 90 with a delivery agent 70 providing delivery service for the dissemination channel 810. As shown in the figure, delivery agent 70c provides delivery services for channel host 80. Message-gram 5Oj, issued by node 30a, is conveyed along virtual conveyance pathway 660a from the node 30a to delivery agent 70a, thence as message-gram 50k to delivery agent 70c. The delivery agent 70c delivers message-gram 5Ol to channel host 80, which provides dissemination for channel 810. In a similar manner, message-gram 50m issued by channel host 80, is conveyed by virtual conveyance pathway 660b first to delivery agent 70c, thence as message-gram 5On to delivery agent 70b, which delivers message-gram 5Oo to destination dissemination node 30b. Having delivery agent 70 handle message-gram delivery on behalf of channel host 80 provides to the channel host 80 analogous benefits to those described earlier for the dissemination node. A message dissemination system 90 in which all dissemination node(s) 30 and channel host(s) 80 have message delivery handled by delivery agent 70 may provide significant benefits. In particular, the details of message routing, delivery, and storage are confined to, and performed by, the delivery agents 70. This may make system design easier, maintenance more effective, and implementation architecturally more in tune with modern software and systems practices. In such a message dissemination system, an ensemble of delivery agent aggregate to provide a managed infrastructure for message conveyance. For example, in one embodiment, the delivery agents 70 may authorize nodes 30 and/or channel hosts 80 for access to the message dissemination system 90. In such an embodiment, the nodes 30 and/or channel hosts 80 are only allowed to connect to, and thus receive and/or send messages through the message dissemination system 90, if the nodes 30 and/or hosts 80, respectively, are determined by the delivery agents to be valid.
FIG. 14 shows an exemplary embodiment of a message dissemination system 90 in which delivery agents (not separately depicted) are aggregated to provide message-gram delivery for all dissemination entities. In such a system 90, the collection of delivery agents acting in concert serve as a dissemination manifold 75 that manages the conveyance of message-grams between dissemination entities 10. Dissemination manifold 75 routes message-grams between dissemination entities, regulates their flow, and queues messages for delivery when necessary. As shown in the figure, message-gram 5Ot, issued by dissemination entity
10a having identity 105a, is conveyed along virtual conveyance pathway 660. Thus, the message-gram 5Ot is conveyed through dissemination manifold 75 is delivered as message-gram 5Ov to the destination dissemination entity 10b. Message-gram 5Ov is functionally equivalent to message-gram 5Ot. For example, message-gram 5Ov and message-gram 5Ot may have much the same content. However, message-gram 5Ot and message-gram 5Ov are distinct entities, and generally have different destination and issuer identities.
This perspective of a dissemination manifold 75 hides details of an implementation that are not overtly relevant to message-gram conveyance. Such hiding of details may be considered a hallmark of good software design. Conforming to this perspective may guide an embodiment of a message dissemination system 90 toward effective implementation. For example, from this perspective, message-gram conveyance is seen as an end-to-end transaction between dissemination nodes. Specifically, destination identities and issuer identities of conveyed message-grams must refer to dissemination entity 10 and not to the delivery agent that underlie the dissemination manifold.
FIG. 15 depicts an exemplary embodiment of a delivery agent 70 performing its role in a dissemination manifold 75. As shown in the figure, messages-gram 5Ow is delivered via conveyance transaction 610a to message- gram transceiver 100 of the delivery agent 70. Conveyor 700 processes the received message-gram 5Ow. Client manager 745 maintains state information in client session status data field 7155 of data store 715 regarding the connection status of its client dissemination entity (not shown). If the destination dissemination entity is not available, the received message-gram 5Ow may be queued for delivery in stored messages data field 7158 of data store 715. If the destination entity is available, the message-gram is delivered.
When the message-gram 50 is delivered (whether having been stored or not), a message-gram instance 5Ox is delivered via conveyance transaction
610b initiated by transceiver 100. The fields of message-gram 5Ox are populated based on the content of received message-gram 5Ow. The existence of the delivery agent 70 is transparent for message-grams 50 conveyed through to clients. Unlike message intermediation by channel host 80, the destination identity field 510, issuer's identity field 520, and signature field 540 generally are not modified as this preserves the ability of the destination apparatus to validate the authenticity of the message in regard to its originating issuer.
Signatures may also be used by delivery agents with client apparatus to validate the client apparatus identity. In some embodiments, this is done with message-grams 50 used to establish a services session. An exemplary embodiment of this is shown in FIG. 16. In the embodiment shown, delivery agent 70 inherently trusts message-grams 50 conveyed through it on behalf of a client apparatus. This feature may not vitiate or weaken trustability of messages-grams 50 in a message dissemination system 90 because validation is performed between issuers and destinations. However, message-grams 50 received by a delivery agent 70 for delivery to a client are only delivered to that client. Therefore, delivery agents 70 may validate client identity before establishing a services session.
As shown in FIG. 16, some dissemination entity 10 issues message-gram 5Oy initiating a request to establish a session. Message-gram request field 505y is set to indicate this, making the conveyance of the message-gram 5Oy a session establishment request transaction 682. The requesting dissemination entity 10 further supplies a signature for the request. The signature is contained in signature field 54Oy. Using the signature, the delivery agent 70 can validate the identity of the issuer, which the issuer has asserted in message-gram field 52Oy.
Transceiver 100 of delivery agent 70 passes internal message-gram representation 52y to client manager 745. Client manager 745 then calls signature evaluating function 1356 of message processing software component 135, passing it requisite data as has earlier been described. If the signature does not validate, the session is not established. As a result, the dissemination entity would be precluded from joining a message dissemination system 90 to which the delivery agent 70 belongs. Should the signature be validated, client manager
745 updates state information about the session in the appropriate data set 7150 of data store 715.
Client manager 715 prepares a message-gram 50 to indicate whether the session request is accepted or not, populating internal message-gram representation 52z. The message-gram internal representation 52z is passed to transceiver 100 for issuance as message-gram 5Oz. The return of message- gram 5Oz to the requesting dissemination node 10 provides session establishment response 684.
Message-gram 5Oz has response field 515z set, indicating whether the session request has been accepted. Further, so that the dissemination entity 10 can trust that it has established a session with its authentic session service providing delivery agent, in some embodiments, the delivery agent 70 identifies itself. The delivery agent 70 may do so by setting issuer's identity field 52Oz and including a signature 54Op that was generated by signature generating function 1354.
Subject to validation of message-gram 5Oz by dissemination entity 10, a services session may thus be established. Once established, a services session provides for asynchronous, on-demand delivery of messages between the client dissemination entity 10 and its delivery agent 70.
FIG. 17 illustrates a schematic diagram of an exemplary embodiment of the interactions of dissemination entities of a dissemination system constructed in accordance with the method and system described herein. As shown, messaging system 90 includes dissemination nodes 30a and
3Od, a dissemination channel host 80 providing service for some dissemination channel 810, and delivery agents 7Oj and 70k, all of which are connected by transport connection 615 to connection network 65. Delivery agent 7Oj provides delivery service for both dissemination nodes 30a and 3Od, with which it has services session 620a and 62Od, respectively. Delivery agent 70k provides delivery services for dissemination channel host 80, with which it has some services session 620.
As shown in the figure, dissemination node 30a has user 20a that is a programmatic entity. User 20a authors content for a message-gram 50, specifies the destination channel 810, and calls manager 300a to originate the message-gram, which it does by invoking transceiver 100a. This results in the issuance of message-gram 5Ot, which is delivered via the delivery services of services session 620a to deliver agent 7Oj. Conveyor 70Oj of delivery agent 7Oj determines that the delivery agent that provides delivery service for destination channel 810 is provided by delivery agent 70k, and so forwards message-gram
5Ou, derived from message-gram 5Ot, to delivery agent 70k. Upon receiving this message-gram 5Ou, conveyor 700k of delivery agent 70k determines that it provides delivery services for the destination, channel 810, and so delivers message-gram 5Ov, derived from message-gram 5Ou, to channel host 80. The selector 80Of may then handle the received message-gram. The entire conveyance is depicted as virtual conveyance pathway 660.
The receiving channel host 80 may disseminate new message-grams to destination dissemination nodes, as selector 800 determines for channel 810. The process of conveyance from dissemination host 80 to other dissemination nodes operates as described for conveyance in this figure.
A method and system for performing information dissemination, particularly in a trusted manner has been disclosed. The method and system have been described in accordance with the embodiments shown. There could be variations to the embodiments, and any variations would be within the spirit and scope of the present application. For example, an exemplary embodiment may be implemented using hardware, software, a computer readable medium containing program instructions, or a combination thereof. Software written according to the present invention may be stored in some form of computer- readable medium, such as memory, a hard disk, or CD/DVD-ROM, and executed by a processor. Accordingly, many modifications may be made by one of ordinary skill in the art without departing from the spirit and scope of the method and system.

Claims

CLAIMS We Claim:
1. A system for disseminating messages between a plurality of nodes, each of the plurality of nodes including a user interface, the message originating at an originating node of the plurality of nodes and terminating at a destination node of the plurality of nodes, the system comprising: at least one channel host coupled with the plurality of nodes, each of the at least one channel host corresponding to at least one channel, the at least one channel for conveying the message between the plurality of nodes by receiving a received message corresponding to the message pushed to the at least one channel without polling for the received message and issuing a new message to a destination, the destination including at least one of the destination node and a portion of the at least one channel through which the message has not been conveyed, the new message including content based on the received message, the at least one channel allowing for delivery of the content of the message to the destination node without requiring the destination node to be specified in the message by the originating node.
2. The system of claim 1 where the at least one destination node is not specified as a destination in the received message.
3. The system of claim 1 wherein the at least one channel host includes at least one transceiver for issuing the at least one new message and receiving the received message.
4. The system of claim 1 wherein the at least one channel further includes: a selector corresponding to the at least one channel, the selector selecting the destination and the content.
5. A system for disseminating messages via at least one dissemination channel, the system comprising: a plurality of nodes coupled through the at least one dissemination channel, a node of the plurality of nodes including a user interface and configured to issue a message by pushing the message and to receive a received message pushed to the node without polling for the received message, at least one dissemination relationship existing between the node and the at least one dissemination channel, the node configured to at least one of store the received message and present the received message to at least one user, the received message including content based on another message issued by another node of the plurality of nodes.
6. The system of claim 5 wherein the node further includes: at least one transceiver for receiving the received message and issuing the message; at least one manager for establishing and managing the at least one dissemination relationship with the at least one channel, the manager issuing a composed message to the at least one channel and receiving the received message from the at least one channel via the transceiver; and a user interface composing the message on behalf of the at least one user, and presenting the received message to the at least one user.
7. A system for disseminating a message comprising: a plurality of nodes, a node of the plurality of nodes configured to at least one of issue a first new message and receive a first received message pushed to the node without polling for the first received message, the node further configured to at least one of present at least one of the first received message and the first new message to at least one user and store the at least one of the first new received message and the first new message, the message originating at an originating node of the plurality of nodes and terminating at a destination node of the plurality of nodes; and at least one channel host coupled with the plurality of nodes, each of the at least one channel host corresponding to at least one channel, the channel host receiving a second received message pushed to the channel host without polling for the second received message and issuing a second new message, the at least one channel for disseminating the message between the plurality of nodes by receiving the second received message including content corresponding to the message and by issuing to at least one of the destination node and a portion of the at least one channel through which the message has not been conveyed at least one second new message including a portion of the content, the at least one channel allowing for delivery of the content of the message to the destination node without requiring the destination node to be specified in the message by the originating node.
8. The system of claim 7 wherein the node further includes: at least one transceiver for receiving the first received message and issuing the first new message; at least one manager for establishing and managing the dissemination relationship with the at least one dissemination channel, at least one user interface for presenting the first received message to the at least one user; and wherein the at least one manager issues a composed message to the at least one dissemination channel and receives the first received message from the at least one dissemination channel via the transceiver.
9. The system of claim 7 wherein the at least one channel determines whether to accept the second received message received from one of the plurality of nodes; and wherein the node determines whether to accept the first received message received from the at least one channel.
10. The system of claim 7 wherein the node determines whether to accept the first received message based at least in part on a first signature included in the first received message by a first issuer of the first received message; and wherein the at least one channel determines whether to accept the second received message based at least in part on a second signature included in the second received message by a second issuer of the second received message.
11. The system of claim 7 wherein the at least one user interface of the node presents information about the first received message and the first issued new message to the user based on an identity of the at least one dissemination channel disseminating the message.
12. The system of claim 7 wherein the at least one user interface of the destination node presents the message to the at least one user in a symmetric manner to the user interface of the originating node.
13. The system of claim 7 wherein at least one node of the plurality of nodes and the at least one channel each include means for establishing a dissemination relationship, the dissemination relationship being used by the at least one node and the at least one channel to determine whether to accept messages issued by one to the other.
14. The system of claim 7 further comprising: at least one external data source coupled with the plurality of nodes and including external content for the message, the message including data corresponding to the external content, and wherein the plurality of dissemination nodes includes at least one data acquisition subsystem for accessing the at least one external data source based on the data.
15. The system of claim 7 further comprising at least one delivery agent coupled between the plurality of nodes and the at least one channel host, the at least one delivery agent including at least one transceiver for at least one of issuing a third new message and for receiving a third received message pushed to the delivery agent without the delivery agent polling for the third received message.
16. The system of claim 15 wherein the at least one delivery agent establishes at least one persistent services session, the at least one persistent services session allowing for at least one of the third received message to be pushed to the at least one delivery agent and for allowing the third new message to be pushed to at least one of the at least one channel and a portion of the plurality of nodes.
17. The system of claim 15 wherein the at least one delivery agent further stores the third new message if at least one delivery target of the message is unavailable and pushes the third new message to the at least one delivery target once the at least one delivery target is available, the at least one delivery target including at least one of the at least one channel and the destination node.
18. The system of claim 17 wherein the at least one delivery target is available if at least one persistent services session has been established between the at least one delivery target and the at least one delivery agent.
19. A method for disseminating a message between a plurality of nodes, the message originating at an originating node of the plurality of nodes and terminating at a destination node of the plurality of nodes, the method comprising: pushing the message from the originating node; conveying the message through at least one channel, the at least one channel receiving a received message corresponding to the message and including content of the message without polling for the received message and by issuing to at least one of the destination node and a portion of the at least one channel through which the message has not been conveyed at least one new message, the at least one new message including a portion of the content of the message received by the at least one channel, the at least one channel allowing for delivery of the content of the message to the destination node without requiring the destination node to be specified in the message by the originating node; conveying the new message to the at least one destination node; receiving the at least one new message at the at least one destination node without the at least one destination node polling for the new message; and presenting the content of the message to at least one user on at least one user interface of the at least one destination node.
20. A method for disseminating a message between a plurality of nodes, the message originating at an originating node of the plurality of nodes and terminating at a destination node of the plurality of nodes, the method comprising: pushing the message from the originating node; conveying the message to at least one channel, the at least one channel receiving the message without polling for the message, the at least one channel issuing to the destination node at least one new message, the at least one new message including a portion of the content of the message received by the channel, the at least one destination node being unspecified in the message by the originating node; conveying the new message to the destination node; receiving the at least one new message at the destination node, the destination node receiving the at least one new message without polling for the at least one new message; and presenting the content of the received message to at least one user on at least one user interface of the destination node.
21. A method for disseminating a message between a plurality of nodes, the message originating at an originating node of the plurality of nodes and terminating at a destination node of the plurality of nodes, the method comprising: conveying the message through at least one channel, the at least one channel receiving a received message corresponding to the message and including content of the message without polling for the received message and by issuing to at least one of the destination node and a portion of the at least one channel through which the message has not been conveyed at least one new message, the at least one new message including a portion of the content of the message received by the at least one channel, the at least one channel allowing for delivery of the content of the message to the destination node without requiring the destination node to be specified in the message by the originating node, the received message being the message for a first channel of the at least one channel; conveying the new message to the at least one destination node such that the at least one destination node receives the new message without the at least one destination node polling for the new message and such that the at least one destination node is allowed to present the content of the message to at least one user on at least one user interface of the at least one destination node.
PCT/US2008/088233 2007-12-27 2008-12-23 Apparatus and methods for trusted dissemination of information among a population of users in an open environment WO2009086422A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US1712207P 2007-12-27 2007-12-27
US61/017,122 2007-12-27

Publications (1)

Publication Number Publication Date
WO2009086422A1 true WO2009086422A1 (en) 2009-07-09

Family

ID=40824721

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2008/088233 WO2009086422A1 (en) 2007-12-27 2008-12-23 Apparatus and methods for trusted dissemination of information among a population of users in an open environment

Country Status (1)

Country Link
WO (1) WO2009086422A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020138659A1 (en) * 2000-11-01 2002-09-26 Zissis Trabaris Method and system for application development and a data processing architecture utilizing destinationless messaging
US20050201363A1 (en) * 2004-02-25 2005-09-15 Rod Gilchrist Method and apparatus for controlling unsolicited messaging in real time messaging networks

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020138659A1 (en) * 2000-11-01 2002-09-26 Zissis Trabaris Method and system for application development and a data processing architecture utilizing destinationless messaging
US20050201363A1 (en) * 2004-02-25 2005-09-15 Rod Gilchrist Method and apparatus for controlling unsolicited messaging in real time messaging networks

Similar Documents

Publication Publication Date Title
US11695782B2 (en) Electronic interaction authentication and verification, and related systems, devices, and methods
US11089032B2 (en) Signed envelope encryption
US7650383B2 (en) Electronic message system with federation of trusted senders
US8010795B2 (en) Secure information transfer using dedicated public key pairs
US6842628B1 (en) Method and system for event notification for wireless PDA devices
US8321677B2 (en) Pre-binding and tight binding of an on-line identity to a digital signature
US9083746B2 (en) Method of providing assured transactions using secure transaction appliance and watermark verification
EP1722532B1 (en) Deliver-upon-request secure electronic message system
US9100171B1 (en) Computer-implemented forum for enabling secure exchange of information
US8990567B2 (en) Message originator token verification
JP6092098B2 (en) Reliable email communication in a multi-tenant environment
US7966492B1 (en) System and method for allowing an e-mail message recipient to authenticate the message
US20150310438A1 (en) Sms and social media dual authorization, management oversight, and non-password security in email based e-commerce
US8613057B2 (en) Identity management facilitating minimum disclosure of user data
US9667605B2 (en) Electronic communication system and method for communication of the same in an open environment
US6795920B1 (en) Vault controller secure depositor for managing secure communication
WO2022033350A1 (en) Service registration method and device
US11025642B1 (en) Electronic message authentication
WO2011030352A2 (en) System and method for mobile phone resident digital signing and encryption/decryption of sms
US20210243036A1 (en) Blockchain network communication management
WO2009086422A1 (en) Apparatus and methods for trusted dissemination of information among a population of users in an open environment
US20100215176A1 (en) Means and method for controlling the distribution of unsolicited electronic communications
EP3346659B1 (en) Communication method for electronic communication system in open environment
CN117857059A (en) Visa information processing method, device, equipment and medium
CN116132185A (en) Data calling method, system, device, equipment and medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08867003

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08867003

Country of ref document: EP

Kind code of ref document: A1