Security protocols on incompatible transports

US 20060206705A1
Filed: 03/10/2005
Published: 09/14/2006
Est. Priority Date: 03/10/2005
Status: Active Grant

First Claim

Patent Images

1. A method for communicating between a first and a second machine using the User Datagram Protocol (UDP), comprising:

providing a reliability delivery layer (RDL) interface to the UDP;

establishing a UDP connection between the first and the second machine; and

establishing a transport layer security over the RDL interface to the UDP, wherein the transport layer security is incompatible with the UDP.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

“Honest” is a nice word. Sadly, some people in this world are not honest. In an increasingly wired world, dishonest people have found myriad opportunities to illicitly acquire one'"'"'s confidential data, to monitor or interfere with one'"'"'s networking activities, e.g., to monitor what you are doing, downloading, accessing, etc., to eavesdrop on or hijack telephony control and voice data or other protocols on your network, etc. To address such risks, typically a secured communication protocol, e.g., TLS or SSL, is utilized to protect communication. Unfortunately, TLS, SSL, and many other security environments require the underlying communication protocol to be TCP/IP, while some protocols needing communication protection, such as VoIP, RTP, SNMP, etc. only operate on UDP and not TCP/IP. Thus, a network shim or other embodiments disclosed herein may be used to allow such UDP based application programs and protocols to use security environments requiring a TCP/IP type transport.

40 Citations

View as Search Results

22 Claims

1. A method for communicating between a first and a second machine using the User Datagram Protocol (UDP), comprising:
- providing a reliability delivery layer (RDL) interface to the UDP;
  
  establishing a UDP connection between the first and the second machine; and
  
  establishing a transport layer security over the RDL interface to the UDP, wherein the transport layer security is incompatible with the UDP.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the transport layer security operates in accord with a selected one of the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols.
  - 3. The method of claims 1 or 2, wherein the RDL is incorporated into the transport layer security.
  - 4. The method of claim 1, further comprising:
    - providing an object file for an application program written to utilize the UDP for communicating between the first and the second machine;
      
      providing a link library prepared to utilize networking calls to the transport layer security for engaging in network communication; and
      
      making an executable binary for the application program based at least in part on linking the binary object file with the link library.
  - 5. The method of claim 1, wherein the RDL provides the UDP with data corruption detection/correction, data loss detection/correction and fragmentation/reassembly functionality.
  - 6. The method of claim 5, wherein the RDL further provides the UDP with selected ones of data corruption correction, data loss correction, or data fragmentation reassembly.

7. A method for utilizing a transport layer security compatible with a reliable transport over an incompatible unreliable transport, the method comprising:
- providing a reliability delivery layer (RDL) interface to the unreliable transport, the RDL adding selected ones of data corruption detection and data loss detection to the unreliable transport and masking incompatibility of the unreliable transport;
  
  establishing a communication session using the unreliable transport; and
  
  establishing a secure communication session using the transport layer security over the RDL interface.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising:
    - executing an application program incompatible with the reliable transport but compatible with the unreliable transport; and
      
      providing a virtual execution environment mapping networking calls to the unreliable transport to calls to the RDL interface.
  - 9. The method of claims 8 or 7, wherein the unreliable transport is the UDP (User Datagram Protocol).
  - 10. The method of claim 7, wherein the transport layer security is a selected one of TLS (Transport Layer Security) or SSL (Secure Sockets Layer).
  - 11. The method of claim 7, wherein the unreliable transport lacks in-sequence data delivery, and wherein the RDL provides in-sequence data delivery to the second transport.
  - 12. The method of claim 7, wherein the RDL comprises a protocol wrapper for the unreliable transport (UTP).

13. A method for utilizing a transport layer security over an incompatible unreliable transport, comprising:
- modifying a network application program to substitute selected networking calls in the network application program to the unreliable transport with networking calls to the transport layer security;
  
  installing a reliability delivery layer (RDL) in a network stack above the unreliable transport to masquerade the unreliable transport as a reliable transport compatible with the transport layer security; and
  
  configuring the transport layer security to utilize the RDL.
- View Dependent Claims (14, 15)
- - 14. The method of claim 13, wherein modifying the network application program comprises modifying a source code of the network application program to replace networking calls therein with corresponding calls to the transport layer security.
  - 15. The method of claim 13, further comprising:
    - establishing a secure communication session from the network application program over the RDL masquerading the unreliable transport as compatible with the transport layer security.

16. An article comprising a machine-accessible medium having one or more associated instructions for communicating between a first and a second machine using the User Datagram Protocol (UDP), wherein the one or more instructions, if executed, results in a machine performing:
- providing a reliability delivery layer (RDL) interface to the UDP;
  
  establishing a UDP connection between the first and the second machine; and
  
  establishing a transport layer security over the RDL interface to the UDP, wherein the transport layer security is incompatible with the UDP.
- View Dependent Claims (17, 18)
- - 17. The article of claim 16, wherein the associated instructions for the transport layer security further include instructions, which if executed, results in the transport layer security operating in accord with a selected one of:
    - the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols.
  - 18. The article of claim 16, wherein the associated instructions further include instructions, which if executed, results in the machine performing:
    - providing an object file for an application program written to utilize the UDP for communicating between the first and the second machine;
      
      providing a link library prepared to utilize networking calls to the transport layer security for engaging in network communication; and
      
      making an executable binary for the application program based at least in part on linking the binary object file with the link library.

19. An article comprising a machine-accessible medium having one or more associated instructions for utilizing a transport layer security compatible with a reliable transport over an incompatible unreliable transport, wherein the one or more instructions, if executed, results in a machine performing:
- providing a reliability delivery layer (RDL) interface to the unreliable transport, the RDL adding selected ones of data corruption detection and data loss detection to the unreliable transport and masking incompatibility of the unreliable transport;
  
  establishing a communication session using the unreliable transport; and
  
  establishing a secure communication session using the transport layer security over the RDL interface.
- View Dependent Claims (20)
- - 20. The article of claim 19, wherein the associated instructions further include instructions, which if executed, results in the machine performing:
    - executing an application program incompatible with the reliable transport but compatible with the unreliable transport; and
      
      providing a virtual execution environment mapping networking calls to the unreliable transport to calls to the RDL interface.

21. An article comprising a machine-accessible medium having one or more associated instructions for utilizing a transport layer security over an incompatible unreliable transport, wherein the one or more instructions, if executed, results in a machine performing:
- modifying a network application program to substitute selected networking calls in the network application program to the unreliable transport with networking calls to the transport layer security;
  
  installing a reliability delivery layer (RDL) in a network stack above the unreliable transport to masquerade the unreliable transport as a reliable transport compatible with the transport layer security; and
  
  configuring the transport layer security to utilize the RDL.
- View Dependent Claims (22)
- - 22. The article of claim 21, wherein the associated instructions further include instructions, which if executed, results in the machine performing:
    - establishing a secure communication session from the network application program over the RDL masquerading the unreliable transport as compatible with the transport layer security.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Khosravi, Hormuzd

Granted Patent

US 7,743,245 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/151
CPC Class Codes

H04L 63/16   Implementing security featu...

H04L 69/16   Implementation or adaptatio...

H04L 69/161   Implementation details of T...

H04L 69/164   Adaptation or special uses ...

H04L 69/169   Special adaptations of TCP,...

H04L 69/32   Architecture of open system...

H04L 69/326   in the transport layer [OSI...

Security protocols on incompatible transports

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Security protocols on incompatible transports

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links