Enterprise data protection management for providing secure communication in a network
First Claim
1. A system for providing secure networks comprising:
a communication network having a network infrastructure; and
an intelligent software overlay operating on a server in connection to the network for providing security for the network;
wherein the intelligent software overlay further includes;
a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP), wherein the MAP includes at least one policy for providing secure association (SA) within the network;
wherein the at least one KAP is operable to generate and manage keys provided to a multiplicity of policy end points (PEPs) through an open API;
and wherein the intelligent overlay to the network is independent of the network infrastructure and requires a minimum number of policies and SAs to create a full mesh, wherein the number of policies is less than N(N−1) and number of SAs is less than 2N(N−1), where N is the number of end points, thereby providing a secure, flexible network security solution.
Abstract
System and methods for providing an intelligent overlay for providing dynamic control policies, keys and management of same for secure communication of information, data and/or communication over a network without requiring any change in the network hardware or infrastructure and requiring a minimum number of policies and SAs to create a full mesh, wherein the number of policies is less than N(N−1) and number of SAs is less than 2N(N−1), where N is the number of end points on the network.
5 Claims
5. A method for providing secure interactivity between points on a network comprising the steps of:
providing a communication network having a network infrastructure between a multiplicity of policy end points (PEPs);
providing an intelligent software overlay that is independent of the network infrastructure, the software overlay operating on a server in connection to the network for providing security for the network;
wherein the intelligent software overlay further includes;
a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP);
the MAP establishing and managing at least one policy for providing secure association (SA) between PEPs within the network;
the KAP generating and managing keys and providing them to the PEPs through an open API;
and the PEPs having secure exchange over the network using the keys provided by the KAP;
wherein the intelligent overlay to the network is independent of the network infrastructure and requires a minimum number of policies and SAs to create a full mesh, wherein the number of policies is less than N(N−1) and number of SAs is less than 2N(N−1), where N is the number of end points.