Mobile security architecture
Abstract
Security and mobility overlay architecture (SAMOA) includes security management and secure transport functions for fixed or mobile security subscriber units (SSUs). SSUs within SAMOA are authenticated, authorized, and provided with shared session keys by the security management function. The keys allow each SSU to communicate with the secure transport network, which provides secure connections to other SSUs. Because shared-key, rather than public-key, session keys are preferably used, the problems associated with public-key certificate authorities and hierarchies are avoided. The security management function and the secure transport network can be layered efficiently on top of existing Internet protocol (IP) networks and are thus applicable to a wide range of systems that support IP, including 3G wireless, wireless LANs (e.g., 802.11x), wired LANs, and dial-up networks.
28 Claims
1. A security management and secure transport system comprising:
a security agent node group (SANG) having at least one security agent node (SAN), and a transport agent node group (TANG) having at least one transport agent node (TAN), wherein:
a security subscriber unit (SSU) communicates with the SANG over a non-secure link to establish a first session key at the SSU;
the SAN communicates with the TANG to establish the first session key at the TANG; and
the SSU communicates with the TANG over a secure link based on the first session key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
25. A method for security management and secure transport comprising:
linking one or more security agent nodes (SANs) via a first secure protocol to each other into a security agent node group (SANG), and linking one or more transport agent nodes (TANs) via a second secure protocol to each other into a transport agent node group (TANG),
providing a first shared key to a first security subscriber unit (SSU), wherein the first shared key is known to the SANG, and
using the first shared key to establish a first session key that allows the first SSU to securely connect to the TANG.
Dependent claims: 26, 27, 28
Specification