Methods and systems for data traffic control and encryption

US 10,277,559 B2
Filed: 05/21/2014
Issued: 04/30/2019
Est. Priority Date: 05/21/2014
Status: Active Grant

First Claim

Patent Images

1. A method implemented on at least one machine each of which has at least one processor, storage, and a communication platform connected to a network for data traffic control, the method comprising:

receiving data traffic from a first node to be sent to a second node;

determining, at regular time intervals, a status for normal operation of a first pathway by verifying whether test data can be communicated using the first pathway between the first node and the second node, the verifying including determining within a time-out period, whether test data can be encrypted and transmitted over the first pathway from the first node to the second node, and whether test data that is decrypted, encrypted, and transmitted by the second node can be received by the first node over the first pathway, wherein the test data is encrypted based on a unique encryption key associated with each time interval; and

transmitting the data traffic through a second pathway to the second node over the network without using the first pathway based on the status for normal operation of the first pathway not being determined within the time-out period, the second pathway being different from the first pathway.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems and programming for data traffic control and encryption. In one example, data traffic is received from a first node to be sent to a second node. The health of an encryption pathway between the first node and the second node is determined. The data traffic is sent to the second node over the network without going through the encryption pathway when the encryption pathway is not healthy.

35 Citations

View as Search Results

28 Claims

1. A method implemented on at least one machine each of which has at least one processor, storage, and a communication platform connected to a network for data traffic control, the method comprising:
- receiving data traffic from a first node to be sent to a second node;
  
  determining, at regular time intervals, a status for normal operation of a first pathway by verifying whether test data can be communicated using the first pathway between the first node and the second node, the verifying including determining within a time-out period, whether test data can be encrypted and transmitted over the first pathway from the first node to the second node, and whether test data that is decrypted, encrypted, and transmitted by the second node can be received by the first node over the first pathway, wherein the test data is encrypted based on a unique encryption key associated with each time interval; and
  
  transmitting the data traffic through a second pathway to the second node over the network without using the first pathway based on the status for normal operation of the first pathway not being determined within the time-out period, the second pathway being different from the first pathway.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising sending the data traffic to the second node over the network using the first pathway when the status for normal operation of the first pathway is determined.
  - 3. The method of claim 1, wherein the second pathway is a non-encrypted pathway.
  - 4. The method of claim 1, wherein a magnitude of the time-out period is less than the time interval.

5. A system including storage, and a communication platform connected to a network for data traffic control, the system comprising:
- at least one processor configured to;
  
  determine, at regular time intervals, a status for normal operation of a first pathway by verifying whether test data can be communicated using the first pathway between a first node and a second node, the verifying including determining within a time-out period, whether test data can be encrypted and transmitted over the first pathway from the first node to the second node, and whether test data that is decrypted, encrypted, and transmitted by the second node can be received by the first node over the first pathway, wherein the test data is encrypted based on a unique encryption key associated with each time interval; and
  
  transmit data traffic received from the first node through a second pathway to the second node over the network without using the first pathway based on the status for normal operation of the first pathway not being determined within the time-out period, the second pathway being different from the first pathway.
- View Dependent Claims (6)
- - 6. The system of claim 5, wherein the at least one processor is further configured to send the data traffic to the second node over the network using the first pathway when the status for normal operation of the first pathway is determined.

7. A non-transitory machine-readable medium having information recorded thereon for data traffic control, wherein the information, when read by the machine, causes the machine to perform the following:
- receiving data traffic from a first node to be sent to a second node;
  
  determining, at regular time intervals, a status for normal operation of a first pathway by verifying whether test data can be communicated using the first pathway between the first node and the second node, the verifying including determining within a time-out period, whether test data can be encrypted and transmitted over the first pathway from the first node to the second node, and whether test data that is decrypted, encrypted, and transmitted by the second node can be received by the first node over the first pathway, wherein the test data is encrypted based on a unique encryption key associated with each time interval; and
  
  transmitting the data traffic through a second pathway to the second node over the network without using the first pathway based on the status for normal operation of the first pathway not being determined within the time-out period, the second pathway being different from the first pathway.

8. A system for data traffic control comprising:
- means for receiving data traffic from a first node to be sent to a second node;
  
  means for determining, at regular time intervals, a status for normal operation of a first pathway by verifying whether test data can be communicated using the first pathway between the first node and the second node, the verifying including determining within a time-out period, whether test data can be encrypted and transmitted over the first pathway from the first node to the second node, and whether test data that is decrypted, encrypted, and transmitted by the second node can be received by the first node over the first pathway, wherein the test data is encrypted based on a unique encryption key associated with each time interval; and
  
  means for transmitting the data traffic through a second pathway to the second node over the network without using the first pathway based on the status for normal operation of the first pathway not being determined within the time-out period, the second pathway being different from the first pathway.

9. A method implemented on at least one machine each of which has at least one processor, storage, and a communication platform connected to a network for controlling data traffic, the method comprising:
- encrypting first data at a first node;
  
  transmitting the encrypted first data to a second node over the network using a first pathway;
  
  decrypting the encrypted first data to generate second data at the second node;
  
  encrypting the second data at the second node;
  
  transmitting the encrypted second data to the first node over the network using the first pathway;
  
  decrypting the received encrypted second data to generate third data at the first node;
  
  comparing, at regular time intervals, the first data with the third data at the first node to determine, within a time-out period, a status for normal operation of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval; and
  
  transmitting the data traffic through a second pathway to the second node over the network without using the first pathway in response to the first data not matching the third data, the second pathway being different from the first pathway.
- View Dependent Claims (10, 11)
- - 10. The method of claim 9, wherein the status for normal operation of the first pathway is determined based on the first data matching the third data according to at least one criterion.
  - 11. The method of claim 9, wherein the first data is at least one of a test message and data included in the data traffic.

12. A system including storage, and a communication platform connected to a network for controlling data traffic, the system comprising:
- at least one processor configured to;
  
  encrypt first data at a first node,transmit the encrypted first data to a second node over the network using a first pathway for transmitting encrypted data,decrypt, at the second node, the received encrypted first data to generate second data,encrypt the second data,transmit the encrypted second data to the first node over the network using the first pathway,decrypt the received encrypted second data to generate third data,compare, at regular time intervals, the first data with the third data to determine, within a time-out period, a status for normal operation of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval, andtransmit the data traffic through a second pathway to the second node over the network without using the first pathway in response to the first data not matching the third data, the second pathway being different from the first pathway.
- View Dependent Claims (13, 14)
- - 13. The system of claim 12, wherein the status for normal operation of the first pathway is determined based on the first data matching the third data according to at least one criterion.
  - 14. The system of claim 12, wherein the first data is at least one of a test message and data included in the data traffic.

15. A non-transitory machine-readable medium having information recorded thereon for controlling data traffic, wherein the information, when read by the machine, causes the machine to perform the following:
- encrypting first data at a first node;
  
  transmitting the encrypted first data to a second node over the network using a first pathway;
  
  decrypting the encrypted first data to generate second data at the second node;
  
  encrypting the second data at the second node;
  
  transmitting the encrypted second data to the first node over the network using the first pathway;
  
  decrypting the received encrypted second data to generate third data at the first node;
  
  comparing, at regular time intervals, the first data with the third data at the first node to determine, within a time-out period, a status for normal operation of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval; and
  
  transmitting the data traffic through a second pathway to the second node over the network without using the first pathway in response to the first data not matching the third data, the second pathway being different from the first pathway.

16. A system for controlling data traffic, the system comprising:
- means for encrypting first data of data traffic at a first node;
  
  means for transmitting the encrypted first data to a second node over the network using a first pathway;
  
  means for decrypting the encrypted first data to generate second data at the second node;
  
  means for encrypting the second data at the second node;
  
  means for transmitting the encrypted second data to the first node over the network using the first pathway;
  
  means for decrypting the received encrypted second data to generate third data at the first node;
  
  means for comparing, at regular time intervals, the first data with the third data at the first node to determine, within a time-out period, a status for normal operation of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval; and
  
  means for transmitting the data traffic through a second pathway to the second node over the network without using the first pathway in response to the first data not matching the third data, the second pathway being different from the first pathway.

17. A method implemented on at least one machine each of which has at least one processor, storage, and a communication platform connected to a network for determining status of a first pathway, the method comprising:
- receiving encrypted first data from a node over the network through the first pathway;
  
  decrypting the encrypted first data to generate second data;
  
  encrypting the second data;
  
  transmitting the encrypted second data to the node over the network through the first pathway to determine, within a time-out period, the status of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval, and the receiving, the decrypting, the encrypting and the transmitting are performed at regular time intervals; and
  
  receiving from the node, data traffic through a second pathway over the network without using the first pathway in response to the status of the first pathway not being determined, the second pathway being different from the first pathway.
- View Dependent Claims (18)
- - 18. The method of claim 17, wherein the first data is at least one of a test message and data included in the data traffic.

19. A system including a storage, and a communication platform connected to a network for determining status of a first pathway, the system comprising:
- at least one processor configured to;
  
  receive encrypted first data from a node over the network through the first pathway,decrypt the encrypted first data to generate second data,encrypt the second data,transmit the encrypted second data to the node over the network through the first pathway to determine, within a time-out period, the status of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval, wherein the at least one processor is configured to receive, decrypt, encrypt, and transmit at regular time intervals, andreceive from the node, data traffic through a second pathway over the network without using the first pathway in response to the status of the first pathway not being determined, the second pathway being different from the first pathway.
- View Dependent Claims (20)
- - 20. The system of claim 19, wherein the first data is at least one of a test message and data included in the data traffic.

21. A non-transitory machine-readable medium having information recorded thereon for determining status of a first pathway, wherein the information, when read by the machine, causes the machine to perform the following:
- receiving encrypted first data from a node over the network through the first pathway;
  
  decrypting the encrypted first data to generate second data;
  
  encrypting the second data;
  
  transmitting the encrypted second data to the node over the network through the first pathway to determine, within a time-out period, the status of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval, and the receiving, the decrypting, the encrypting and the transmitting are performed at regular time intervals; and
  
  receiving from the node, data traffic through a second pathway over the network without using the first pathway in response to the status of the first pathway not being determined, the second pathway being different from the first pathway.

22. A method implemented on at least one machine each of which has at least one processor, storage, and a communication platform connected to a network for determining a status of a first pathway, the method comprising:
- encrypting first data of data traffic;
  
  transmitting the encrypted first data to a node over the network using the first pathway;
  
  receiving encrypted second data from the node over the network through the first pathway, wherein the second data is decrypted from the encrypted first data;
  
  decrypting the received encrypted second data to generate third data;
  
  comparing, at regular time intervals, the first data with the third data to determine, within a time-out period, the status of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval; and
  
  transmitting the data traffic through a second pathway to the node over the network without using the first pathway in response to the first data not matching the third data, the second pathway being different from the first pathway.
- View Dependent Claims (23, 24)
- - 23. The method of claim 22, wherein the status of the first pathway to the node is determined based on the first data matching the third data according to at least one criterion.
  - 24. The method of claim 22, wherein the first data is at least one of a test message and data included in the data traffic.

25. A system including a storage, and a communication platform connected to a network for determining a status of a first pathway, the system comprising:
- at least one processor configured to;
  
  encrypt first data of data traffic,transmit the encrypted first data to a node over the network using the first pathway,receive encrypted second data from the node over the network through the first pathway, wherein the second data is decrypted from the encrypted first data,decrypt the received encrypted second data to generate third data,compare, at regular time intervals, the first data with the third data to determine, within a time-out period, the status of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval, andtransmit the data traffic through a second pathway to the node over the network without using the first pathway in response to the first data not matching the third data, the second pathway being different from the first pathway.
- View Dependent Claims (26, 27)
- - 26. The system of claim 25, wherein the status of the first pathway is determined based on the first data matching the third data according to at least one criterion.
  - 27. The system of claim 25, wherein the first data is at least one of a test message and data included in the data traffic.

28. A non-transitory machine-readable medium having information recorded thereon for determining a status of a first pathway, wherein the information, when read by the machine, causes the machine to perform the following:
- encrypting first data of data traffic;
  
  transmitting the encrypted first data to a node over the network using the first pathway;
  
  receiving encrypted second data from the node over the network through the first pathway, wherein the second data is decrypted from the encrypted first data;
  
  decrypting the received encrypted second data to generate third data;
  
  comparing, at regular time intervals, the first data with the third data to determine, within a time-out period, the status of the first pathway, wherein the first data and the second data are encrypted based on a unique encryption key associated with each time interval; and
  
  transmitting the data traffic through a second pathway to the node over the network without using the first pathway in response to the first data not matching the third data, the second pathway being different from the first pathway.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
R2 Solutions LLC (Acacia Research Corporation)
Original Assignee
Excalibur IP, LLC (Acacia Research Corporation)
Inventors
Petach, Matthew Nicholas, Batta, Nitin, LaCroix, Brian, Gashinsky, Igor
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Le, Thanh T

Application Number

US14/283,944
Publication Number

US 20160119294A1
Time in Patent Office

1,805 Days
Field of Search

713150
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 9/0822   using key encryption key

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

Methods and systems for data traffic control and encryption

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for data traffic control and encryption

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links