METHOD AND APPARATUS FOR PROVIDING SERVICE PROVIDER-CONTROLLED COMMUNICATION SECURITY

US 20120275598A1
Filed: 06/10/2011
Published: 11/01/2012
Est. Priority Date: 04/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising facilitating a processing of and/or processing (1) data and/or (2) information and/or (3) at least one signal, the (1) data and/or (2) information and/or (3) at least one signal based, at least in part, on the following:

a connection request from a device;

context information associated with the device, the access network, a user of the device, or a combination thereof;

a processing of the context information to determine one or more encryption ciphers provided by a terminating end-point; and

an establishment of the connection request using, at least in part, the one or more encryption ciphers.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for service provider controlled communication security. A security platform receives a connection request from a client device. The security platform determines context information associated with the device, access network, a user of the device, or a combination thereof, and then processes and/or facilitates a processing of the context information to determine one or more encryption ciphers to offer for the session. Next, the security platform causes, at least in part, establishment of the connection request using, at least in part, the one of the offered encryption ciphers.

105 Citations

View as Search Results

20 Claims

1. A method comprising facilitating a processing of and/or processing (1) data and/or (2) information and/or (3) at least one signal, the (1) data and/or (2) information and/or (3) at least one signal based, at least in part, on the following:
- a connection request from a device;
  
  context information associated with the device, the access network, a user of the device, or a combination thereof;
  
  a processing of the context information to determine one or more encryption ciphers provided by a terminating end-point; and
  
  an establishment of the connection request using, at least in part, the one or more encryption ciphers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method of claim 1, wherein the (1) data and/or (2) information and/or (3) at least one signal are further based, at least in part, on the following:
    - a processing of the context information to determine location information,wherein the one or more encryption ciphers are determined based, at least in part, on the location information.
  - 3. A method of claim 2, wherein the location information is based, at least in part, on a network address, a network code, a country code, or a combination thereof associated with the device.
  - 4. A method of claim 3, wherein the (1) data and/or (2) information and/or (3) at least one signal are further based, at least in part, on the following:
    - probe data associated with the device;
      
      a processing of the probe data to determine to verify the network address, the network code, the country code, or a combination thereof
  - 5. A method of claim 1, wherein the (1) data and/or (2) information and/or (3) at least one signal are further based, at least in part, on the following:
    - an input for specifying a range of network addresses; and
      
      a comparison of a network address of the device against the range of network addresses;
      
      wherein the one or more encryption ciphers are determined based, at least in part, on the comparison.
  - 6. A method of claim 1, wherein the (1) data and/or (2) information and/or (3) at least one signal are further based, at least in part, on the following:
    - a processing of the context information to determine a strength of encryption for the connection request,wherein the one or more encryption ciphers are determined based, at least in part, on the strength of the encryption.
  - 7. A method of claim 1, wherein the strength of encryption is specified, at least in part, by a governmental authority, a regulatory entity, a service provider, or a combination thereof.
  - 8. A method of claim 2, wherein the location information is a country of origin, and the (1) data and/or (2) information and/or (3) at least one signal are further based, at least in part, on the following:
    - a collection of source address and mobile network code/mobile country code relations in a database; and
      
      a determination of the country of origin based, at least in part, on the database.
  - 9. A method of claim 1, wherein at least one of the one or more encryption ciphers supports one or more lawful interception requirements of a locality associated with the device.
  - 10. A method of claim 1, wherein the one or more encryption ciphers operate via one or more cryptographic protocols including, at least in part, a Transport Layer Security protocol or a Secure Sockets Layer protocol.

11. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code for one or more programs,the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,receive a connection request from a device;
  
  determine context information associated with the device, a user of the device, or a combination thereof;
  
  process and/or facilitate a processing of the context information to determine one or more encryption ciphers; and
  
  establish the connection request using, at least in part, the one or more encryption ciphers.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. An apparatus of claim 11, wherein the apparatus is further caused to:
    - process and/or facilitate a processing of the context information to determine location information,wherein the one or more encryption ciphers are determined based, at least in part, on the location information.
  - 13. An apparatus of claim 12, wherein the location information is based, at least in part, on a network address, a network code, a country code, or a combination thereof associated with the device.
  - 14. An apparatus of claim 13, wherein the apparatus is further caused to:
    - determine probe data associated with the device;
      
      process and/or facilitate a processing of the probe data to determine to verify the network address, the network code, the country code, or a combination thereof
  - 15. An apparatus of claim 11, wherein the apparatus is further caused to:
    - receive an input for specifying a range of network addresses; and
      
      cause, at least in part, a comparison of a network address of the device against the range of network addresses;
      
      wherein the one or more encryption ciphers are determined based, at least in part, on the comparison.
  - 16. An apparatus of claim 11, wherein the apparatus is further caused to:
    - process and/or facilitate a processing of the context information to determine a strength of encryption for the connection request,wherein the one or more encryption ciphers are determined based, at least in part, on the strength of the encryption.
  - 17. An apparatus of claim 11, wherein the strength of encryption is specified, at least in part, by a governmental authority, a regulatory entity, a service provider, or a combination thereof
  - 18. An apparatus of claim 12, wherein the location information is a country of origin, and the apparatus is further caused to:
    - determine to collect source address and mobile network code/mobile country code relations in a database; and
      
      determine the country of origin based, at least in part, on the database.
  - 19. An apparatus of claim 11, wherein at least one of the one or more encryption ciphers supports one or more lawful interception requirements of a locality associated with the device.
  - 20. An apparatus of claim 11, wherein the one or more encryption ciphers operate via one or more cryptographic protocols including, at least in part, a Transport Layer Security protocol or a Secure Sockets Layer protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Vimpari, Markku Kalevi, Alakontiola, Jukka Sakari

Granted Patent

US 9,450,752 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/255
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/107   wherein the security polici...

H04L 63/205   involving negotiation or de...

H04L 63/30   for supporting lawful inter...

H04L 63/304   intercepting circuit switch...

H04L 9/0872   using geo-location informat...

H04L 9/088   Usage controlling of secret...

H04L 9/14   using a plurality of keys o...

METHOD AND APPARATUS FOR PROVIDING SERVICE PROVIDER-CONTROLLED COMMUNICATION SECURITY

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

105 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR PROVIDING SERVICE PROVIDER-CONTROLLED COMMUNICATION SECURITY

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

105 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links