
Secure labeling of network flows

  • US 10,721,210 B2
  • Filed: 05/08/2019
  • Issued: 07/21/2020
  • Est. Priority Date: 04/22/2016
  • Status: Active Grant
First Claim

1. A computer program product for managing network flows at an endpoint in a network, computer program product comprising computer executable code embodied in a nontransitory computer readable medium that, when executing on one or more computing devices, performs operations comprising:

  • providing a first key to the endpoint;

  • receiving a data structure from a source on the endpoint, the data structure including a payload and a header;

  • generating, at the endpoint, a label for the data structure, the label including information about the source of the data structure on the endpoint;

  • using the first key provided to the endpoint, adding a cryptographic signature for the label to the header of the data structure;

  • transmitting the data structure from the endpoint to a remote location through a network device for the network;

  • at the network device, verifying an authenticity of the cryptographic signature using a corresponding second key; and

  • based on the information about the source of the data structure and the authenticity of the label, applying a routing rule at the network device to conditionally route the data structure to the remote location accessible from the endpoint through the network.
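
The steps of the claim can be traced in a short sketch. This is an added example, not code from the patent or its assignee. It assumes HMAC-SHA256 with a shared secret as the first and second keys, a dict-based packet, and hypothetical names (`label_and_sign`, `verify_label`, `route`, `ALLOWED_PROCESSES`) with constructed sample data.

```python
import hashlib
import hmac
import json

# Assumption: HMAC-SHA256 with a shared secret stands in for the claim's
# "first key" and "corresponding second key" (the same bytes on both sides).
ENDPOINT_KEY = b"constructed-demo-key"
DEVICE_KEY = ENDPOINT_KEY
# Hypothetical routing rule: source processes allowed to reach the remote location.
ALLOWED_PROCESSES = {"backup-agent", "browser"}

def _mac(key, label):
    # Canonical JSON so the endpoint and the device MAC identical bytes.
    data = json.dumps(label, sort_keys=True, separators=(",", ":"), default=str)
    return hmac.new(key, data.encode(), hashlib.sha256).hexdigest()

def label_and_sign(key, packet, source):
    """Endpoint: add a source label and its signature to the header (payload is not signed)."""
    label = {"process": source["process"], "user": source["user"]}
    header = dict(packet["header"], label=label, label_sig=_mac(key, label))
    return {"header": header, "payload": packet["payload"]}

def verify_label(key, packet):
    """Network device: return the label if its signature is authentic, else None."""
    label, sig = packet["header"].get("label"), packet["header"].get("label_sig")
    if not isinstance(label, dict) or not isinstance(sig, str):
        return None
    ok = hmac.compare_digest(_mac(key, label).encode(), sig.encode("utf-8", "replace"))
    return label if ok else None

def route(key, packet):
    """Network device: route conditionally on label authenticity and source."""
    label = verify_label(key, packet)
    if label is None:
        return "drop: missing or unauthentic label"
    if label.get("process") not in ALLOWED_PROCESSES:
        return "drop: source not permitted"
    return "forward to " + packet["header"]["dst"]

def demo():
    pkt = {"header": {"dst": "203.0.113.10:443"}, "payload": b"constructed payload"}
    good = label_and_sign(ENDPOINT_KEY, pkt, {"process": "browser", "user": "alice"})
    other = label_and_sign(ENDPOINT_KEY, pkt, {"process": "unknown.exe", "user": "alice"})
    # Label replaced after signing: the signature no longer matches.
    forged = {"header": dict(other["header"], label=good["header"]["label"]), "payload": b""}
    return [route(DEVICE_KEY, p) for p in (good, other, forged, pkt)]

if __name__ == "__main__":
    print(demo())
```
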

  • 4 Assignments