Content security at service layer
First Claim
1. An apparatus comprising a processor, a memory, and communication circuitry, the apparatus being connected to a network via its communication circuitry, the apparatus further comprising computer-executable instructions stored in the memory of the apparatus which, when executed by the processor of the apparatus, cause the apparatus to perform operations comprising:
- sending, to a common services entity, a request for one or more credentials that encrypt or integrity protect application content when stored at rest on a hosting common services entity, the request based on one or more security parameters associated with the application content;
- in response to the request, obtaining, from the common services entity, the one or more credentials;
- using the one or more credentials to encrypt or integrity protect the application content; and
- sending, to the hosting common services entity, a request to create a resource that stores the encrypted or integrity protected content.
Abstract
Existing approaches to security within networks, for instance oneM2M networks, are limited. For example, content might only be protected while the content is in transit between entities that trust each other. Here, the integrity and the confidentiality of content in an M2M network are protected. Such content may be “at rest,” such that the content is stored at a hosting node. Only authorized entities may store and retrieve the data that is stored at the hosting node, and the data may be protected from a confidentiality perspective and an integrity perspective.
18 Claims
1. An apparatus comprising a processor, a memory, and communication circuitry, the apparatus being connected to a network via its communication circuitry, the apparatus further comprising computer-executable instructions stored in the memory of the apparatus which, when executed by the processor of the apparatus, cause the apparatus to perform operations comprising:
- sending, to a common services entity, a request for one or more credentials that encrypt or integrity protect application content when stored at rest on a hosting common services entity, the request based on one or more security parameters associated with the application content;
- in response to the request, obtaining, from the common services entity, the one or more credentials;
- using the one or more credentials to encrypt or integrity protect the application content; and
- sending, to the hosting common services entity, a request to create a resource that stores the encrypted or integrity protected content.
7. An apparatus comprising a processor, a memory, and communication circuitry, the apparatus being connected to a network via its communication circuitry, the apparatus further comprising computer-executable instructions stored in the memory of the apparatus which, when executed by the processor of the apparatus, cause the apparatus to perform operations comprising:
- based on security requirements associated with content, generating one or more credentials that encrypt or integrity protect application content when stored at rest on a hosting node;
- using the one or more credentials to encrypt or integrity protect the application content; and
- sending, to the hosting node, a request that the hosting node store the encrypted or integrity protected content, such that only an authorized client can decrypt the content from the hosting node.
13. A method comprising:
- sending, from an apparatus and to a common services entity, a request for one or more credentials that encrypt or integrity protect application content when stored at rest on a hosting common services entity, the request based on one or more security parameters associated with the application content;
- in response to the request, obtaining, from the common services entity, the one or more credentials;
- using the one or more credentials to encrypt or integrity protect the application content; and
- sending, from the apparatus and to the hosting common services entity, a request to create a resource that stores the encrypted or integrity protected content.
Specification