SYSTEM AND METHOD FOR USING VARIABLE SECURITY TAG LOCATION IN NETWORK COMMUNICATIONS
Abstract
A method of packet security management to ensure a secure connection from one network node to another. The method includes creating a security tag for each packet in a network session, selecting one of a number of possible tag locations within the packet, inserting the security tag at that location, transmitting the tagged packets from a sending node to the receiving node, authenticating the packets' security tags at the receiving node, and dropping non-authenticated packets. The method also includes determining best possible tag locations when sending a packet and locating a security tag when receiving a packet.
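The sender and receiver flow summarized in the abstract, as an added illustration that is not taken from the patent. The tag layout (4-byte user id plus truncated HMAC-SHA256), the candidate offsets, and deriving the placement from a shared key and session id are all assumptions made for this sketch; the text here does not specify them.

```python
import hashlib
import hmac
import struct

# Constructed sample values and assumed parameters (hypothetical, not from the patent).
KEY = b"shared-session-key"
SESSION_ID = b"session-0001"
LOCATIONS = (0, 8, 16, 32)   # candidate byte offsets for the tag
TAG_LEN = 4 + 16             # 4-byte user id + 16-byte truncated MAC


def select_location(key: bytes, session_id: bytes) -> int:
    """Both nodes derive the same placement offset from shared state (assumption)."""
    digest = hmac.new(key, b"loc" + session_id, hashlib.sha256).digest()
    return LOCATIONS[digest[0] % len(LOCATIONS)]


def make_tag(key: bytes, user_id: int, seq: int, payload: bytes) -> bytes:
    """Tag carries the user id and a MAC binding user, sequence number and payload."""
    header = struct.pack("!II", user_id, seq)
    mac = hmac.new(key, header + payload, hashlib.sha256).digest()[:16]
    return struct.pack("!I", user_id) + mac


def insert_tag(key, session_id, user_id, seq, payload: bytes) -> bytes:
    """Sending node: embed the tag at the selected location (clamped to payload length)."""
    off = min(select_location(key, session_id), len(payload))
    return payload[:off] + make_tag(key, user_id, seq, payload) + payload[off:]


def receive(key, session_id, seq, packet: bytes):
    """Receiving node: return the payload if the tag at the selected location
    authenticates, otherwise None (the packet is dropped)."""
    if len(packet) < TAG_LEN:
        return None
    off = min(select_location(key, session_id), len(packet) - TAG_LEN)
    tag = packet[off:off + TAG_LEN]
    payload = packet[:off] + packet[off + TAG_LEN:]
    user_id = struct.unpack("!I", tag[:4])[0]
    expected = make_tag(key, user_id, seq, payload)
    return payload if hmac.compare_digest(tag, expected) else None


if __name__ == "__main__":
    data = bytes(range(40))
    pkt = insert_tag(KEY, SESSION_ID, 1001, 7, data)
    print("tagged packet accepted:", receive(KEY, SESSION_ID, 7, pkt) == data)
    print("untagged packet dropped:", receive(KEY, SESSION_ID, 7, data) is None)
```

A valid tag placed at any offset other than the selected one fails the same check, because the receiver only reads the bytes at the selected location.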
21 Claims
1. A method for processing a security tag in each packet of a packetized communication, the packets being transmitted to a receiving node in a network, the security tag including information relating to at least a user, the method comprising the steps of:
selecting at least one placement location among a plurality of locations to embed the security tag in each packet of the packetized communication;
receiving, at the receiving node, each packet of the packetized communication, each packet having the security tag embedded at the selected placement location;
authenticating, at the receiving node, the embedded security tag in each packet; and
if a respective packet of the packetized communication is received by the receiving node without the security tag embedded in the selected placement location, preventing access by the respective packet which does not have the security tag embedded in the selected placement location to a secured resource.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method for processing a security tag in each packet of a packetized communication, the packets being transmitted from a sending node in a network, the security tag including information relating to at least a user, the method comprising the steps of:
selecting at least one placement location among a plurality of placement locations to embed the security tag in each packet of the packetized communication;
inserting, by the sending node, the security tag at the selected at least one placement location for each packet of the packetized communication, as a tagged packet; and
transmitting, by the sending node, each tagged packet.
Dependent claims: 12, 13
14. A method for processing a security tag embedded in a plurality of packets of a packetized communication, the packets being transmitted from a sending node to a receiving node in a network, the security tag including security information regarding the packetized communication, the method comprising the steps of:
selecting a placement location among a plurality of placement locations to embed the security tag in each packet of the packetized communication;
authenticating, at the receiving node, each of the embedded security tags located at the selected placement location for the packets of the packetized communication; and
passing packets that are authenticated to a secured resource on the network.
Dependent claims: 15, 16
17. A sending node for transmitting packets toward a receiving node in a packetized communication network, comprising:
a placement determination unit for selecting at least one placement location among a plurality of placement locations for at least one security tag to be embedded in each of a plurality of packets of a packetized communication;
an insertion unit for inserting the security tag at the at least one placement location for each of the packets, as tagged packets; and
a transmission unit for transmitting the tagged packets from the sending node toward the receiving node.
Dependent claims: 18
19. A receiving node for receiving packets sent by a sending node in a packetized communication network, comprising:
a receiving unit for receiving the packets from the sending node; and
a packet processor for authenticating, at the receiving node, a security tag embedded in each of the packets, wherein the packet processor prevents access by a respective packet of the packetized communication to a secured resource;
(1) if the respective, received packet does not have the security tag embedded in a selected one of a plurality of placement locations or
(2) if the security tag embedded at the selected one of the plurality of placement locations is not authenticated.
Dependent claims: 20
21. A computer readable storage medium for storing computer code to execute the method for processing a security tag in each packet of a packetized communication, the packets being transmitted to a receiving node in a network, the security tag including information relating to at least a user, the method comprising the steps of:
selecting at least one placement location among a plurality of locations to embed the security tag in each packet of the packetized communication;
receiving, at the receiving node, each packet of the packetized communication, each packet having the security tag embedded at the selected placement location;
authenticating, at the receiving node, the embedded security tag in each packet; and
if a respective packet of the packetized communication is received by the receiving node without the security tag embedded in the selected placement location, preventing access by the respective packet which does not have the security tag embedded in the selected placement location to a secured resource.