Local area network
Abstract
A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices are allowed access to the communication network and the trusted network.
67 Citations
21 Claims
- 1. A method of establishing and maintaining distributed security between a plurality of devices in an ad hoc network, the method having the steps of:
  - associating each device with a unique device address;
  - assigning to one of said devices a control function to control access by other devices to said network;
  - each of said devices generating a public key for distribution to other devices;
  - each of said devices authenticating itself periodically with said other devices in order to determine status of said other devices;
  - arranging said devices into a plurality of trust groups, each group having a group key for distribution within said trust group;
  - associating a trust level to each of said devices;
  - each of said devices using said public key and said group key to perform key agreement in order to establish a secure communication channel with said other devices in said group;
  - whereby each of said devices is responsible for its own security by generating, distributing its own keys to said other devices.
  Dependent claims: 2, 3, 4, 5, 6, 7, 8, 12.
- 9. A method of establishing and maintaining distributed security between one correspondent and another correspondent, said correspondents being members of different ad hoc networks and forming a group of communicating correspondents, the method having the steps of:
  - associating said one correspondent and said other correspondent with a unique device address;
  - controlling access to said different ad hoc networks;
  - each ad hoc network having a gateway and transferring traffic between said correspondents via said gateways;
  - said one correspondent generating a public key for distribution to said other correspondent;
  - said one correspondent authenticating itself periodically with said other correspondent in order to determine status of said other correspondent;
  - determining a group key for distribution to said correspondents in accordance to said step of controlling access;
  - associating a trust level to each of said correspondents;
  - each of said correspondents using said public key and said group key for performing key agreement in order to establish secure communication within said group;
  - whereby each of said correspondents is responsible for its own security by generating, distributing its own keys to said other devices.
  Dependent claims: 10, 11.
- 13. A distributed security system for a plurality of devices in a communication network, each of said devices being responsible for generating, distributing and controlling its own keys for access to said communication network and using said keys to establish a trusted network, each device's membership to said communication network being checked periodically by other devices by using a challenge response protocol to establish which devices are allowed access to said communication network and said trusted network.
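As an added illustration (not the patent's own implementation or any code from this page), the following Python sketch walks through the steps of claims 1 and 13: each device generates and keeps its own key pair and address, the device holding the control function releases a per-group key only to devices meeting the group's trust level, the channel key is agreed from both the public-key exchange and the group key, and membership is checked with a keyed challenge response. The Diffie-Hellman parameters, device addresses, trust levels and challenge are constructed toy values.

```python
import hashlib
import hmac
import secrets

# Constructed toy Diffie-Hellman parameters: 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 5

class Device:
    """One ad hoc node that generates and holds its own keys, as claim 1 requires of each device."""
    def __init__(self, address: str, trust_level: int):
        self.address = address                      # unique device address (constructed value)
        self.trust_level = trust_level              # trust level associated with the device
        self._priv = secrets.randbelow(P - 2) + 1   # private exponent, never leaves the device
        self.public_key = pow(G, self._priv, P)     # public key distributed to other devices
        self.group_keys = {}                        # trust group name -> 32-byte group key

    def join_group(self, name: str, group_key: bytes, min_trust: int) -> bool:
        """Accept a group key only if this device's trust level meets the group's minimum."""
        if self.trust_level < min_trust:
            return False
        self.group_keys[name] = group_key
        return True

    def channel_key(self, peer_public: int, group: str) -> bytes:
        """Key agreement: the DH shared secret combined with the group key gives the channel key."""
        shared = pow(peer_public, self._priv, P).to_bytes(16, "big")   # fixed 16 bytes, P < 2**128
        # Fixed-length inputs (16-byte secret, 32-byte group key) make plain concatenation unambiguous.
        return hashlib.sha256(shared + self.group_keys[group] + group.encode()).digest()

    def respond(self, group: str, challenge: bytes) -> bytes:
        """Periodic membership proof: HMAC over address and challenge under the group key."""
        key = self.group_keys.get(group)
        if key is None:
            return b""                              # not a member of that trust group: cannot answer
        return hmac.new(key, self.address.encode() + challenge, hashlib.sha256).digest()

def provision_group(controller: Device, name: str, min_trust: int, members: list) -> list:
    """The device holding the control function creates a group key and hands it to trusted members."""
    key = secrets.token_bytes(32)
    controller.join_group(name, key, 0)
    return [d.address for d in members if d.join_group(name, key, min_trust)]

def verify_member(verifier: Device, group: str, address: str, challenge: bytes, response: bytes) -> bool:
    """Checker side of the challenge response: constant-time compare against the expected MAC."""
    expected = hmac.new(verifier.group_keys[group], address.encode() + challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)
```

A device outside the trust group never receives the group key, so it can neither derive the channel key nor answer the periodic challenge, which is how the membership check in claim 13 excludes it.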