Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2007-10-30
2007-10-30
Barron, Jr., Gilberto (Department: 2132)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S013000, C713S160000
Reexamination Certificate
active
10215544
ABSTRACT:
A method and apparatus for protecting, from denial of service attacks, a device that provides particular services that consume substantial computational resources. A data packet includes data for the particular services and a cryptographic tag. It is determined whether the data packet is legitimate based on the cryptographic tag and a size of the data for the particular services without otherwise using the data for the particular services. If the data packet is not legitimate, then the data is diverted from input to the particular services that process the data. These techniques use the cryptographic tag to provide strong data origin authentication without the heavy computational costs associated with providing full data integrity authentication in typical cryptographic services. Further, denial of service protection is conveniently implemented as a cryptographic service.
REFERENCES:
patent: 4677612 (1987-06-01), Olson et al.
patent: 6971028 (2005-11-01), Lyle et al.
patent: 6996070 (2006-02-01), Starr et al.
patent: 6996712 (2006-02-01), Perlman et al.
patent: 7058974 (2006-06-01), Maher et al.
A. Juels et al., “Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks,” in S. Kent, editor,Proceedings of NDSS '99(Networks and Distributed Security Systems), pp. 151-165, 1999.
D. Dean et al., “Using Client Puzzles to Protect TLS,” 10th Annual USENIX Security Symposium, 2001.
S. Kent et al., “Security Architecture for the Internet Protocol,” IETF RFC 2401, Nov. 1998, pp. 1-66.
Cisco Systems, Inc., “IPSec,” Jan. 1997, pp. 1-10.
Bludau Branden S
Cisco Technology Inc.
LandOfFree
Method and apparatus for cryptographically blocking network... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for cryptographically blocking network..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for cryptographically blocking network... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3899490