Method and apparatus for use in security
Abstract
A security system for securing data paths in a network responds to events to change parameters of the security features in use. For example, it can change the type of encryption algorithm being used, or parameters of the encryption algorithm such as the key length or number of rounds of negotiation, or it can change a data transfer protocol. Events which the security system can respond to include user action, such as logging on to a more expensive service or moving their network location, or date or time, or patterns of usage in the network. The system processes incoming data using rules to determine a response. Parameters are changed by outputting configuration data to communication devices attached to the network, such as the head end and television receivers in a digital television system. In a preferred form of the system, the parameters of the security features in use can be dependent on network location, introducing diversity to the system which makes the security more difficult to penetrate.
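The rule-driven selection described in the abstract, sketched as an added example; it is not code from the patent. The event names, device ids, locations, parameter values and the `alg-A`/`alg-B` labels are all hypothetical.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Params:
    """Selectable security parameters named in the abstract."""
    algorithm: str           # placeholder labels, not real cipher names
    key_bits: int
    negotiation_rounds: int

# Constructed inventory (assumption): device id -> network location.
DEVICES = {"headend-north": "north", "stb-101": "north", "stb-102": "north",
           "headend-south": "south", "stb-201": "south"}

def initial_state():
    """Current data: the parameters in force at each network location."""
    base = Params("alg-A", 128, 2)
    return {"north": base, "south": base}

# Hypothetical rules: (event, location or None for any location, change).
RULES = [
    ("premium_logon", None, lambda p: replace(p, key_bits=max(p.key_bits, 256))),
    ("usage_anomaly", "south",
     lambda p: replace(p, algorithm="alg-B", key_bits=256, negotiation_rounds=4)),
]

def select(stimulus, state):
    """Process the stimulus together with current data to pick new values."""
    loc = stimulus["location"]
    params = state[loc]
    for event, rule_loc, change in RULES:
        if event == stimulus["event"] and rule_loc in (None, loc):
            params = change(params)
    return params

def handle(stimulus, state, devices=DEVICES):
    """Return {device: Params} to send; empty when nothing changes."""
    loc = stimulus["location"]
    selected = select(stimulus, state)
    if selected == state[loc]:
        return {}
    state[loc] = selected
    # Head end and receivers at that location must get the same values,
    # otherwise the two ends of the data path no longer agree.
    return {dev: selected for dev, where in devices.items() if where == loc}

if __name__ == "__main__":
    state = initial_state()
    print(handle({"event": "usage_anomaly", "location": "south"}, state))
    print(state["north"])  # unchanged: locations now run different parameters
```

After the `usage_anomaly` event the two locations run different parameter sets, which is the location-dependent diversity the abstract refers to.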
35 Claims
1. A security system for use in secure transfer of data to or from communication devices connected to a network, the system comprising:
i) an input for receiving data;
ii) security management apparatus for processing data received at the input and selecting a value for one or more parameters of the security system; and
iii) an output for use in identifying selected values to said communication devices, wherein the apparatus is adapted to process said received data to select said value(s), and to use said output to identify said value(s) to one or more of said communication devices for use in subsequent secure transfer of data to or from said one or more communication devices using the network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 27, 28, 29, 30, 31, 32

22. A security system for use in secure transfer of data to or from communication devices connected to a network, the system comprising:
i) security management apparatus for selecting a value for one or more parameters of the security system; and
ii) an output for use in identifying selected values to said communication devices, wherein the apparatus is adapted to use one or more rules to select said value(s), and to use said output to identify the selected value(s) to one or more of said communication devices for use in subsequent secure transfer of data to or from said one or more communication devices using the network, at least one of said one or more rules, in use of the system, comprising network location data and the apparatus is thus adapted to select a value which is at least partially network location dependent.
Dependent claims: 23, 24, 25, 26

33. A method of protecting transfer of data between communication devices attached to a network using one or more security parameters to protect said transfer of data, the one or more security parameters having selectable values, which method comprises the steps of:
i) receiving stimulus data;
ii) accessing current data identified in a set of one or more decision criteria;
iii) processing the stimulus data together with said current data to select at least one value of at least one of said security parameter(s); and
iv) outputting a signal to two or more of the communication devices, the signal comprising the at least one selected value.
Dependent claims: 34, 35

Specification