Method and System for Policy Enforcement in Trusted Ad Hoc Networks

US 20120023550A1
Filed: 07/23/2010
Published: 01/26/2012
Est. Priority Date: 07/23/2010
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable storage medium storing a set of instructions executable by a processor, the set of instructions being operable to:

receive a request from a node to join a trusted ad hoc network;

authenticate the node to join the trusted ad hoc network, the authentication performed based on a verification that the node will comply with a security policy of the trusted ad hoc network;

send, to the node, a verification that the trusted ad hoc network complies with the security policy; and

add the node to the trusted ad hoc network.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A non-transitory computer-readable storage medium storing a set of instructions executable by a processor. The set of instructions is operable to receive a request from a node to join a trusted ad hoc network. The set of instructions is further operable to authenticate the node to join the trusted ad hoc network. The authentication is performed based on a verification that the node will comply with a security policy of the trusted ad hoc network. The set of instructions is further operable to send, to the node, a verification that the trusted ad hoc network complies with the security policy. The set of instructions is further operable to add the node to the trusted ad hoc network.

33 Citations

View as Search Results

20 Claims

1. A non-transitory computer readable storage medium storing a set of instructions executable by a processor, the set of instructions being operable to:
- receive a request from a node to join a trusted ad hoc network;
  
  authenticate the node to join the trusted ad hoc network, the authentication performed based on a verification that the node will comply with a security policy of the trusted ad hoc network;
  
  send, to the node, a verification that the trusted ad hoc network complies with the security policy; and
  
  add the node to the trusted ad hoc network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 11)
- - 2. The non-transitory computer readable storage medium of claim 1, wherein the verification is performed by verifying a report generated by a trusted agent operated by the node.
  - 3. The non-transitory computer readable storage medium of claim 2, wherein the trusted agent includes a hardware component and a software component.
  - 4. The non-transitory computer readable storage medium of claim 3, wherein the software component of the trusted agent operates as a portion of a kernel of an operating system of the node.
  - 5. The non-transitory computer readable storage medium of claim 1, wherein the verification comprises one of verifying a system commitment to the security policy, verifying an enforcer commitment to the security policy, and verifying a boot status of the node.
  - 6. The non-transitory computer readable storage medium of claim 1, wherein the trusted ad hoc network comprises a plurality of security policies.
  - 7. The non-transitory computer readable storage medium of claim 6, wherein each of the plurality of security policies corresponds to an application executed by a plurality of nodes of the trusted ad hoc network.
  - 8. The non-transitory computer readable storage medium of claim 1, wherein the instructions are further operable to:
    - send, to the node, a key corresponding to the trusted ad hoc network.
  - 9. The non-transitory computer readable storage medium of claim 1, wherein the instructions are further operable to:
    - select, as a final key for the trusted ad hoc network, one of an initial key of the trusted ad hoc network and a key of a further trusted ad hoc network, the node being a member of the further trusted ad hoc network.
  - 11. The non-transitory computer readable storage medium of claim 9, wherein the instructions are further operable to:
    - invite a further node of the further trusted ad hoc network to join the trusted ad hoc network; and
      
      add the further node to the trusted ad hoc network, based on a verification of a membership of the further node in the further trusted ad hoc network.

10. The non-transitory computer readable storage medium 9, wherein the selection is made based on a higher one of a hash value of the initial key of the trusted ad hoc network and a hash value of the key of the further trusted ad hoc network.

12. A method, comprising:
- receiving a request from a node to join a trusted ad hoc network;
  
  authenticating the node to join the trusted ad hoc network, the authentication performed based on a verification that the node will comply with a security policy of the trusted ad hoc network;
  
  sending, to the node, a verification that the trusted ad hoc network complies with the security policy; and
  
  adding the node to the trusted ad hoc network.
- View Dependent Claims (13, 14, 15, 16, 17, 19)
- - 13. The method of claim 12, wherein the verification is performed by verifying a report generated by a trusted agent operated by the node.
  - 14. The method of claim 13, wherein the trusted agent includes a hardware component and a software component.
  - 15. The method of claim 14, wherein the software component of the trusted agent operates as a portion of a kernel of an operating system of the node.
  - 16. The method of claim 12, wherein the verification comprises one of verifying a system commitment to the security policy, verifying an enforcer commitment to the security policy, and verifying a boot status of the node.
  - 17. The method of claim 12, wherein the trusted ad hoc network comprises a plurality of security policies.
  - 19. The method of claim 12, further comprising:
    - sending, to the node, a key corresponding to the trusted ad hoc network.

18. The method of claim 176, wherein each of the plurality of security policies corresponds to an application executed by a plurality of nodes of the trusted ad hoc network.

20. A device, comprising:
- a memory; and
  
  a processor configured to receive a request from a node to join a trusted ad hoc network of which the device is a member, the processor further configured to authenticate the node to join the trusted ad hoc network, the authentication performed based on a verification that the node will comply with a security policy of the trusted ad hoc network, the processor further configured to send, to the node, a verification that the trusted ad hoc network complies with the security policy, the processor further configured to add the node to the trusted ad hoc network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.), New Jersey Institute of Technology
Original Assignee
New Jersey Institute of Technology
Inventors
Xu, Gang, Iftode, Liviu, Borcea, Cristian

Granted Patent

US 10,693,853 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/20   for managing network securi...

H04W 84/18   Self-organising networks, e...

Method and System for Policy Enforcement in Trusted Ad Hoc Networks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and System for Policy Enforcement in Trusted Ad Hoc Networks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links