Method and apparatus for a secure communications session...

Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer

Reexamination Certificate


Details

C709S223000

active

07036010

ABSTRACT:
A security protocol entity (20) is provided that includes a mechanism for enabling a first party (11) to communicate securely with a second party (60) through an access-controlling intermediate party (13) by nesting within a first security session (64) established with the intermediate party (13) a second security session (65) with the second party (60). The protocol data units, PDUs, associated with the second security session (65) are encapsulated in PDUs associated with the first security session (64) when sent out by the first party, the intermediate party extracting the encapsulated PDUs for sending on to the second party (possibly with a change to the destination address included in the PDU to be sent on). Each PDU includes a message type field explicitly indicating to the intermediate party (13) if a received PDU encapsulates another PDU intended to be sent on. The establishment of a security session between two parties is made dependent on each party proving by attribute certificates that it has certain attributes required of it by the other party. Where the intermediate party (13) fronts for the second party (60) and the first party (11) initially contacts the intermediate party in the belief that it is the second party, then the latter will indicate its relay status to the first party which can then request the intermediate party (13) to permit a tunnel to be established through it to the second party (60). The first party may place different attribute requirements on the intermediate party in its tunnel role to those initially expected of it when the first party thought it was the second party.

REFERENCES:
patent: 4868877 (1989-09-01), Fischer
patent: 5005200 (1991-04-01), Fischer
patent: 5218637 (1993-06-01), Angebaud et al.
patent: 5497422 (1996-03-01), Tysen et al.
patent: 5515441 (1996-05-01), Faucher
patent: 5819044 (1998-10-01), Kawabe et al.
patent: 5825890 (1998-10-01), Elgamal et al.
patent: 5898784 (1999-04-01), Kirby et al.
patent: 5907621 (1999-05-01), Bachman et al.
patent: 5923842 (1999-07-01), Pedersen et al.
patent: 5940591 (1999-08-01), Boyle et al.
patent: 5958050 (1999-09-01), Griffin et al.
patent: 6081900 (2000-06-01), Subramaniam et al.
patent: 6094437 (2000-07-01), Loehndorf et al.
patent: 6094485 (2000-07-01), Weinstein et al.
patent: 6134550 (2000-10-01), Van Oorschot et al.
patent: 6292839 (2001-09-01), Naudus et al.
patent: 6377691 (2002-04-01), Swift et al.
patent: 6574224 (2003-06-01), Brueckheimer et al.
patent: 6591306 (2003-07-01), Redlich
patent: 6643701 (2003-11-01), Aziz et al.
patent: 2002/0035635 (2002-03-01), Holden et al.
patent: 0 328 232 (1989-08-01), None
patent: 0 402 083 (1990-12-01), None
patent: 0 503 765 (1992-09-01), None
patent: 0 586 022 (1994-09-01), None
patent: 0 651 533 (1995-03-01), None
patent: 0 820 176 (1998-01-01), None
patent: 0 989 501 (2000-03-01), None
patent: 0 969 366 (2000-05-01), None
patent: 2 323 757 (1998-09-01), None
patent: 2 333 878 (1999-08-01), None
patent: 8110869 (1996-04-01), None
patent: 11031129 (1999-02-01), None
patent: 11184818 (1999-07-01), None
patent: 94/03859 (1994-02-01), None
patent: 95/23468 (1995-08-01), None
patent: 96/02993 (1996-02-01), None
patent: 98/38759 (1998-09-01), None
patent: 00/08818 (2000-02-01), None
Bray, Tim, et al., “Extensible Markup Language (XML) 1.0 Specification”, Second Edition, W3C, available at http://www.w3.org/TR/REC-xml, Feb. 1998, pp. 1-57.
Dierkes, T., et al., “The TLS Protocol, Version 1.0”, IETF RFC2246, Network Working Group, Jan. 1999, pp. 1-67.
Elien, Jean-Emile, “Certificate Discovery Using SPKI/SDSI 2.0 Certificates”, Masters Thesis MIT LCS, available at http://theory.lcs.mit.edu/~cis/theses/elien-masters.ps, May 1998, pp. 11-54.
Ellison, C., “SPKI Requirements”, IETF RFC 2692, Network Working Group, Sep. 1999, pp. 1-14.
Ellison, C., “Simple Public Key Certificate”, IETF draft draft-ietf-spki-cert-structure-05.text, available at http://www.clark.net/pub/cme/spki.txt, Mar. 13, 1998, pp. 1-35.
Ellison, C., et al., “SPKI Certificate Theory”, IETF RFC2693, Network Working Group, Sep. 1999, pp. 1-36.
Ellison, C., et al., “SPKI Examples”, <draft-ietf-spki-cert-examples-01.txt>, available at http://www.clark.net/pub/cme/examples.txt, Mar. 10, 1998, pp. 1-13.
Farrell, S., et al., “Limited AttributeCertificate Acquisition Protocol”, available at http://search.ietf.org/internet-drafts/draft-ietf-pkix-laap-00.txt, Internet Engineering Task Force, PKIX Working Group, Internet Draft, published Oct. 1999, pp. 1-10.
Harkins, D., et al., “The Internet Key Exchange (IKE)”, IETF RFC 2409, Network Working Group, Nov. 1998, pp. 1-34.
Hewlett-Packard Company, “e-Speak Architecture Specification”, Version Beta 2.0, available at http://www.e-speak.hp.com/ , Sep. 1999, pp. i-xvi, 1-200.
Kent, S., et al., “Security Architecture for the Internet Protocol”, IETF RFC 2401, Network Working Group, Nov. 1998, pp. 1-66.
Merkow, Mark, “More Than A Language—XML Is A Security Tool Too!”, Internet.com e-Commerce Guide, available at http://ecommerce.internet.com/outlook/print/0, ,7761—124821,00.html, May 13, 1999, pp. 1-4.
National Institute of Standards and Technology, Data Encryption Standard (DES), Draft FIPS Pub 46-3, U.S. Department of Commerce, available at http://www.ncsl.nist.gov/fips/ , Jan. 20, 1999, pp. 1-20.
National Institute of Standards and Technology, DES Modes of Operation, FIPS Pub 81, available at http://www.itl.nist.gov/fipspubs/, Dec. 2, 1980, pp. 1-22.
National Institute of Standards and Technology, Secure Hash Standard, FIPS Pub 180-1, available at http://www.itl.nist.gov/fipspubs/, Apr. 17, 1995, pp. 1-16.
Reagle, Jr., Joseph, editor, W3C Working Draft, “XML Signature Requirements”, IETF, available at http://www.w3.org/TR/xmldsig-requirements, Oct. 14, 1999, pp. 1-6.
Rivest, R., “S-Expressions draft-rivest-sexp-00.txt”, Network Working Group, available at http://theory.lcs.mit.edu/~rivest/sexp.txt, May 4, 1997, pp. 1-11.
Menezes, A., et al., The Book of Applied Cryptography, CRC Press, pp. 572-576 (1997).
