1. (WO2019025954) SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT PROVIDING END-TO-END SECURITY OF CENTRALLY ACCESSIBLE GROUP MEMBERSHIP INFORMATION
Note: Text based on automatic Optical Character Recognition processes. Please use the PDF version for legal matters

CLAIMS

What is claimed is

1. A method, comprising:

accessing, by a computer processor of a user device from a central server, membership information defining a user group in a messaging system, the membership information including:

at least one change to members of the user group, and

for each change of the at least one change, a digital signature of a user that made the change covering the change;

performing, by the computer processor of the user device, a verification process on the membership information, including:

for each change of the at least one change, verifying the digital signature of the user that made the change;

determining, by the computer processor of the user device, members of the user group, as a result of the verification process; and

performing, by the computer processor of the user device, at least one action in association with the members of the user group.

2. The method of claim 1, wherein the computer processor of the user device accesses the membership information from the central server via a network.

3. The method of claim 1, wherein the at least one change to the members of the user group includes an addition of a new member to the user group.

4. The method of claim 1, wherein the at least one change to the members of the user group includes a removal of an existing member from the user group.

5. The method of claim 1, further comprising generating, by the computer processor of the user device from the membership information, a tree showing paths of changes made to the user group.

6. The method of claim 5, wherein the verification process is performed according to the paths in the tree.

7. The method of claim 1, wherein performing, by the computer processor of the user device, the verification process on the membership information includes:

for each change of the at least one change:

verifying the digital signature of the user that made the change,

accepting the change when the digital signature is verified, and

rejecting the change when the digital signature is not verified.

8. The method of claim 7, wherein determining, by the computer processor of the user device, the members of the user group, as a result of the verification process includes:

making the accepted changes to the user group, and

ignoring the rejected changes.

9. The method of claim 1, wherein verifying the digital signature of the user that made the change further includes verifying a certificate associated with the digital signature.

10. The method of claim 1, wherein the verification process performed on the membership information further includes:

after verifying the digital signature of the user that made the change, verifying that the user is assigned a role with permission required for making the change.

11. The method of claim 10, wherein only an administrator is permitted to remove an existing member from the user group.

12. The method of claim 10, wherein any member of the user group is permitted to add a new member to the user group.
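
The client-side verification of claims 7, 8 and 10 to 12, as an added example that is not part of the patent text: each change is checked for a valid signature and for the signer's role before it is applied, and rejected changes are ignored. HMAC-SHA256 with constructed per-user keys stands in for the digital signature scheme so the code runs on the standard library; the field names, `replay`, `make`, and the rule that the group creator is the first administrator are assumptions.

```python
import hashlib
import hmac
import json

# Constructed keys. HMAC-SHA256 stands in for each user's digital signature
# so the example runs on the standard library alone.
KEYS = {u: f"key-{u}".encode() for u in ("alice", "bob", "carol", "mallory")}

def sign(change, key):
    """Tag over the canonical encoding of the fields the signature covers."""
    covered = {k: change[k] for k in ("seq", "op", "target", "signer")}
    data = json.dumps(covered, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def replay(creator, changes):
    """Verify each change in order; return (members, rejected)."""
    members = {creator: "admin"}  # assumption: the creator is the first administrator
    rejected = []
    for c in sorted(changes, key=lambda c: c["seq"]):
        key = KEYS.get(c["signer"])
        if key is None or not hmac.compare_digest(sign(c, key), c["sig"]):
            rejected.append((c["seq"], "bad signature"))
        elif c["signer"] not in members:
            rejected.append((c["seq"], "signer is not a member"))
        elif c["op"] == "add":  # any current member may add
            members.setdefault(c["target"], "member")
        elif c["op"] == "remove" and members[c["signer"]] == "admin":
            members.pop(c["target"], None)  # only an administrator may remove
        else:  # non-admin removal or unknown operation
            rejected.append((c["seq"], "role lacks permission"))
    return members, rejected

def make(seq, op, target, signer, key=None):
    c = {"seq": seq, "op": op, "target": target, "signer": signer}
    c["sig"] = sign(c, key or KEYS[signer])
    return c

def sample_log():
    return [  # constructed membership record as fetched from the central server
        make(1, "add", "bob", "alice"),
        make(2, "add", "carol", "bob"),
        make(3, "remove", "alice", "bob"),  # bob is not an administrator
        make(4, "add", "mallory", "mallory"),  # signer was never a member
        make(5, "remove", "carol", "alice"),
        make(6, "add", "mallory", "alice", key=b"not-alice"),  # signature does not verify
    ]

if __name__ == "__main__":
    print(replay("alice", sample_log()))
```

Because every device replays the same record with the same rules, an entry altered on the server fails its signature check and every later change that depended on it is rejected as well.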

13. The method of claim 1, wherein performing, by the computer processor of the user device, the at least one action in association with the members of the user group includes:

sending, through the messaging system, a message to one or more of the members of the user group.

14. The method of claim 1, wherein performing, by the computer processor of the user device, the at least one action in association with the members of the user group includes:

making at least one additional change to the user group, and

providing a digital signature with the at least one additional change.

15. The method of claim 14, wherein the at least one additional change to the user group includes at least one of:

adding a new member to the user group, and

removing an existing member from the user group.

16. The method of claim 1, wherein the membership information further includes an overall digital signature of a user that made a most recent change in the at least one change, wherein the overall digital signature covers an entire group membership record storing the membership information, and wherein the verification process on the membership information further includes:

verifying the overall digital signature of the user that made the most recent change in the at least one change.

17. The method of claim 1, wherein the central server provides further security for the membership information.

18. The method of claim 16, wherein the further security provided by the central server includes:

prohibiting a rollback of the membership information to a prior state, and

prohibiting members of the user group from removing from the membership information any previously made changes to the user group.

19. A non-transitory computer readable medium storing computer code executable by a processor to perform a method comprising:

accessing, by a computer processor of a user device from a central server, membership information defining a user group in a messaging system, the membership information including:

at least one change to members of the user group, and

for each change of the at least one change, a digital signature of a user that made the change covering the change;

performing, by the computer processor of the user device, a verification process on the membership information, including:

for each change of the at least one change, verifying the digital signature of the user that made the change;

determining, by the computer processor of the user device, members of the user group, as a result of the verification process; and

performing, by the computer processor of the user device, at least one action in association with the members of the user group.

20. An apparatus, comprising:

a computer processor of a user device for:

accessing, from a central server, membership information defining a user group in a messaging system, the membership information including:

at least one change to members of the user group, and

for each change of the at least one change, a digital signature of a user that made the change covering the change;

performing a verification process on the membership information, including:

for each change of the at least one change, verifying the digital signature of the user that made the change;

determining members of the user group, as a result of the verification process; and

performing at least one action in association with the members of the user group.