HIERARCHICAL DETERMINISTIC PAIRWISE KEY PREDISTRIBUTION SCHEME
First Claim
1. A security system for a hierarchical network including L hierarchical levels each corresponding to a security domain comprising:
- a plurality of local network nodes;
a keying material generator which generates correlated sets of keying material for each network node, which each keying material set includes L keying material sub-sets, each corresponding to an associated security domain; and
a set up server which distributes the generated keying material sets to each network node to enable the network nodes to communicate with one another at a security domain of a hierarchical level k by using a corresponding sub-set of keying material.
1 Assignment
0 Petitions
Accused Products
Abstract
A security system for a hierarchical network (10) includes L hierarchical levels each corresponding to a security domain level (16), and a plurality of local network nodes (A, B, . . . , Z). A keying material generator (24) generates a set (30) of correlated keying material for each network node. Each set (30) of keying material is composed of L sub-sets (32) of keying material one for each security domain level (16). A set up server (34) distributes the generated sets (30) of keying material to each network node (A, B, . . . , Z) to enable the network nodes (A, B, . . . , Z) to communicated with one another at a security domain of a hierarchical level k by a use of a corresponding sub-set (32) of the security keying material.
32 Citations
26 Claims
-
1. A security system for a hierarchical network including L hierarchical levels each corresponding to a security domain comprising:
-
a plurality of local network nodes; a keying material generator which generates correlated sets of keying material for each network node, which each keying material set includes L keying material sub-sets, each corresponding to an associated security domain; and a set up server which distributes the generated keying material sets to each network node to enable the network nodes to communicate with one another at a security domain of a hierarchical level k by using a corresponding sub-set of keying material. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of hierarchical security management comprising:
-
generating correlated sets of keying material for each network node which each set includes L keying material sub-sets each corresponding to a security domain associated with one of a plurality of hierarchical levels L; distributing the generated keying material sets to the network nodes; and establishing communications between the network nodes at a common security domain of a hierarchical level k by a corresponding sub-set of the keying material. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A network device including:
-
a predistributed set of keying material each including at least; a lowest level keying material sub-set associated with a lowest level security domain, and a higher level keying material sub-set associated with a higher level security domain, the network device is programmed to authenticate other network devices at the lowest level common security domain and communicate with one another with the sub-set associated with the lowest level common security domain. - View Dependent Claims (21, 22, 23)
-
-
24. A network comprising:
-
a plurality of first network devices which communicate with each other in a first lower level security domain and with other devices in a higher level security domain; and a plurality of second network devices which communicate with each other but not with the first network devices in a second lower level security domain different from the first lower level security domain and with the first network devices in the higher level security domain. - View Dependent Claims (25, 26)
-
Specification