Cryptography – Key management – Having particular key generator
Patent
1990-06-25
1993-04-20
Lee, Thomas C.
Cryptography
Key management
Having particular key generator
395600, 395500, 395775, 380 25, 380 4, H04L 900
Patent
active
052049612
ABSTRACT:
A computer network has a number of computers coupled thereto at distinct nodes. A trust realm table defines which computers are members of predefined trust realms. All the members of each predefined trust realm enforce a common set of security protocols for protecting the confidentiality of data. Each computer that is a member of a trust realm enforces a predefined security policy, and also defines a security level for each set of data stored in the computer. Thus, each message has an associated label denoting how to enforce the computer's security policy with respect to the message. A trust realm service program prepares a specified message for transmission to a specified other computer system. To do this it uses the trust realm table to verify that both the computer system and the specified computer system are members of at least one common trust realm, and then selects one of those common trust realms. The message is transmitted as a protocol data unit, which includes a sealed version of the message, authenticated identifiers for the sending system and user, the message's label, and an identifier for the selected trust realm. Received protocol data units are processed by validating each of the components of the received protocol data unit before accepting the sealed message in the protocol data unit as authentic. Further, the label in the received protocol data unit is used by the receiving computer to determine what predefined security policy is to be enforced with respect to the message.
REFERENCES:
patent: 4184200 (1980-01-01), Wagner et al.
patent: 4918653 (1990-04-01), Johri et al.
patent: 4919545 (1990-04-01), Yu
patent: 4926476 (1990-05-01), Covey
patent: 5032979 (1991-07-01), Hecht et al.
"Extending Mandatory Access Controls to a Networked MLS Environment", 1989, pp. 1-10.
"Commercial IP Security Option", Winger, Oct. 4, 1989, pp. 1-5.
Colorado Networks Division, BI Security Extensions to RIP, Nov. 1989.
Digital Equipment Corporation
Donaghue L.
Lee Thomas C.
LandOfFree
Computer network operating with multilevel hierarchical security does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Computer network operating with multilevel hierarchical security, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Computer network operating with multilevel hierarchical security will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1531783