Reexamination Certificate
2006-02-07
2006-02-07
Vu, Kim (Department: 2135)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C709S238000, C370S352000
Reexamination Certificate
active
06996716
ABSTRACT:
A two-tier security architecture that provides balance between the use of public and secret-key cryptography to realize cost-effectiveness and scalability of security. One tier is an intra-zone tier and the other tier is an inter-zone tier. The intra-zone tier addresses communication between users employing endpoints within a prescribed Security Zone and is designed to achieve cost-effectiveness. The inter-zone tier specifies how communication between users employing endpoints from different Security Zones can be established and is designed to provide scalability for intra-enterprise and/or inter-enterprise communications. Specifically, each Security Zone has a “Zone Keeper” and one or more endpoints that may be employed by users. The Zone Keeper authenticates, i.e., validates, users employing an endpoint in the Security Zone and determines whether a caller and a callee are security compatible. When setting up a communication, the caller provides the Zone Keeper security information in order for the caller to prove its identity. The callee supplies to the caller information confirming its identity. A proposal on how the communication is to be set up is sent from the caller to the callee, and if they agree to the proposal and their security is authenticated, the communication is started. For inter-zone, inter-domain, communications, the caller provides information as described above to its Zone Keeper. Then, the caller's Zone Keeper forwards the caller's request to the Zone Keeper of the security associated with the callee. Additionally, the caller's Zone Keeper also supplies the callee's Zone Keeper with its security identity so that the callee's Zone Keeper may authenticate that the request is from the caller's Zone Keeper. Then, the callee's Zone Keeper sends back an authorization to the caller's Zone Keeper. This authorization includes the callee's Zone Keeper security identity so that the caller's Zone Keeper can authenticate that the authorization is from the callee's Zone Keeper.
REFERENCES:
patent: 5696880 (1997-12-01), Gustafson et al.
patent: 5982898 (1999-11-01), Hsu et al.
patent: 6229804 (2001-05-01), Mortsolf et al.
patent: 6269149 (2001-07-01), Hassell et al.
patent: 6327660 (2001-12-01), Patel
patent: 6374302 (2002-04-01), Galasso et al.
A Gatekeeper discovery mechanism for H.323 systems, by Senthil Sengodan, Nokia Research Center, Nov. 1998, SPIE vol. 3528.
Avaya Technology Corp.
Truong Thanhnga
Vu Kim