Method and Apparatus to Create and Manage a Differentiated Security Framework for Content Oriented Networks
Abstract
A network component comprising a receiver configured to receive a signed content item and an associated security information from a publisher, wherein the security information indicates which group from a plurality of groups is allowed to access the signed content item, a storage unit configured to cache the content item and the associated security information, a processor to implement procedures to enforce security policies defined by the security information, and a transmitter configured to send the signed content item from the cache to a subscriber when the subscriber is a member of a group indicated by the security information as authorized to access the signed content item.
30 Claims
1. A network component comprising:
a receiver configured to receive a signed content item and an associated security information from a publisher, wherein the security information indicates which group from a plurality of groups is allowed to access the signed content item;
a storage unit configured to cache the content item and the associated security information;
a processor to implement procedures to enforce security policies defined by the security information; and
a transmitter configured to send the signed content item from the cache to a subscriber when the subscriber is a member of a group indicated by the security information as authorized to access the signed content item, wherein the subscriber verifies the signed content.
Dependent claims: 2, 3, 5, 6, 7.
4. (canceled)
8. A content router comprising:
storage configured to store a signed content item and an associated security policy, wherein the signed content item is received from a first one of a plurality of users in a content oriented network (CON), wherein the security policy indicates which users from the plurality of users are allowed to access the signed content item; and
a processor configured to enforce the associated security policy for the signed content item.
Dependent claims: 9, 10, 12, 17, 18, 19, 20, 21.
11. (canceled)
13-16. (canceled)
22-23. (canceled)
24. A system for enforcing a plurality of security policies for shared content, comprising:
a content oriented network (CON) comprising a plurality of content routers; and
a plurality of edge nodes coupled to the CON, wherein the edge nodes are configured to couple a first group of users to the CON and a second group of users to the CON, wherein the first group of users are associated with a first security policy for a first content item, wherein the first security policy is created by the first group of users, and wherein the second group of users are associated with a second security policy for a second content item, wherein the second security policy is created by the second group of users;
wherein the first security policy is different from the second security policy, and wherein the CON is configured to implement the first security policy and the second security policy.
Dependent claims: 25, 26, 27, 29.
28. (canceled)
30-41. (canceled)
Specification