Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-08-17
2004-11-02
Darrow, Justin T. (Department: 2132)
C713S152000, C713S152000, C713S150000, C713S163000, C380S277000, C380S278000
active
06813714
ABSTRACT:
BACKGROUND
1. Field of the Invention
This invention relates to computer networks. In particular, the invention relates to conference security.
2. Description of Related Art
Group-oriented security is typically directed to either the application layer or the network layer. Approaches for the application layer employ user authentication techniques either separately or integrated into a conference key distribution scheme. Approaches for the network layer achieve group security through the distribution and management of cryptographic keys using techniques collectively referred to as group key management (GKM).
Although these approaches provide some level of security for group-oriented activities, they are inadequate for multicast or conferences that require a high level of security and flexibility in conference management. Examples of these desired features include source identity and authentication, data confidentiality, participation non-repudiation, sender/receiver non-repudiation, cheater detection and identification, secure conference joining, and secure member ejection.
Therefore, there is a need in the technology for a simple and efficient method of providing secure group activity in a network environment.
SUMMARY
The present invention is directed to a method and apparatus for securing a session in a system having application and network layers. A multicast conference secure architecture (MCSA) acts as an intermediary at the session layer between an application layer and a network layer. By providing an intermediary at the session layer, many protocols and applications at the application and network layers can be maintained separately and independently. The MCSA includes a session manager and a security storage. The session is managed by a session manager. Security components used in the session are provided by a security storage.
According to one embodiment of the present invention, the session manager includes a conference session manager interfacing to the application layer and a multicast session manager interfacing to the network layer. The security storage includes storages of the conference keys, the group keys, the session directory, and a security association database. A session is initiated by an initiator session manager. An authorizer is appointed to manage the distribution of the group key to be used in the encryption and decryption of the messages transferred during the session. Conference keys are generated and distributed to users in the session when the users become the members of the session.
Other aspects and features of the present invention will become apparent to those ordinarily skilled in the art upon review of the following description of specific embodiments of the invention in conjunction with the accompanying figures.
REFERENCES:
patent: 5935245 (1999-08-01), Sherer
patent: 5940591 (1999-08-01), Boyle et al.
patent: 6002768 (1999-12-01), Albanese et al.
patent: 6049878 (2000-04-01), Caronni et al.
patent: 6195751 (2001-02-01), Caronni et al.
Thomas Hardjono, Naganand Doraswamy & Brad Cain, An Architecture for Conference-Support Secured Multicast, 1997, Fourteen (14) pages, Chapman & Hall.
Cain Brad
Doraswamy Naganand
Hardjono Thomas P.
Blakely & Sokoloff, Taylor & Zafman
Darrow Justin T.
Nobahar A.
Nortel Networks Limited
Multicast conference security architecture