Hierarchical key management system
Abstract
A hierarchical key management system includes a number of secure terminals. These terminals provide secure access to a corresponding number of users. A user inserts a security activation device or key into the secure terminal to access a secure connection through the established communication network. A group of secure wireline terminals is connected to a key certification authority. There may be several groups of key certification authorities and corresponding secure terminal users. At the highest level, a key certification center authorizes secure communications by the key certification authorities. In turn, the key certification authorities authorize secure communications between the users. As a result, if one level of key management is compromised, other levels and users are not affected.
24 Claims
1. A hierarchical key management system for enabling ones of a plurality of users to establish secure communications via a switching network, said hierarchical key management system comprising:
predefined user groups of said users;
each of said users prior to communication with one another having certification by a common authority said certification comprising the generation of a set of asymmetric domain keys which are encrypted and modified to include the authorization predetermined time interval for which said certification is valid;
terminal means connected to said switching network, said terminal means for establishing secure communications through said switching network;
groups of terminal means, each group corresponding to said group of users, a first terminal means establishing communications with a second terminal means via said switching network; and
said first and second terminal means directly establishing secure communications via said switching network, without subsequent connection to said common authority.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 13
12. A method for secure communications via a switching network between at least two terminals of a plurality of terminals, each of said terminals receiving prior to communication with one another having certification said certification comprising generating a set of asymmetric domain keys which are encrypted and modified to include the authorization predetermined time interval for which said certification is valid from a common authority, said method comprising the steps of:
completing a connection directly between said two terminals via said switching network for the transmission of information;
exchanging keying information between said two terminals under said previous certification of said common authority;
establishing without subsequent connection to said common authority a session key directly between said two terminals; and
determining crypto synchronization information for each terminal, to allow secure communications directly between said two connected terminals.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 22, 23, 24
21. A hierarchical key management system for establishing secure communications between at least two users of a plurality of users via a switching network, said hierarchical key management system comprising:
key certification means said key certification means comprising means for the generation of a set of asymmetric domain keys which are encrypted and modified to include the authorization predetermined time interval for which said certification is valid;
predefined user groups of said users;
terminal means connected to said key certification means for certifying said users of prior to communication with one another;
groups of terminal means, each group corresponding to said groups of users, each said terminal means permitting direct secure communications between users of said plurality through said switching network; and
key certification means for off-line certification of said users for user of said terminal means for on-line secure communications between said at least two users without subsequent connection to said key certification authority.
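The certification hierarchy of the abstract, together with the off-line certification and validity interval recited in claims 1, 12 and 21, shown as an added example that is not taken from the patent: a terminal checks a peer's certificate chain using only a stored root public key, with no connection to any authority. Toy textbook RSA over Mersenne primes stands in for the unspecified asymmetric scheme and is not secure; the names, certificate layout and day-number times are assumptions.

```python
import hashlib
import json

E = 65537  # public exponent shared by every toy key below

def keypair(a, b):
    """Toy textbook-RSA key from Mersenne primes 2**a-1, 2**b-1. Illustration only, not secure."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(body, n):
    raw = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(raw).digest(), "big") % n

def issue(issuer_key, subject, subject_n, not_before, not_after):
    """Certify a subject key; the validity interval is inside the signed body."""
    body = {"subject": subject, "n": subject_n,
            "not_before": not_before, "not_after": not_after}
    sig = pow(digest(body, issuer_key["n"]), issuer_key["d"], issuer_key["n"])
    return {"body": body, "sig": sig}

def verify_chain(chain, root_n, now):
    """Run by a terminal holding only the root public modulus; no authority is contacted."""
    signer_n = root_n
    for cert in chain:
        body = cert["body"]
        if pow(cert["sig"], E, signer_n) != digest(body, signer_n):
            return "bad signature: " + body["subject"]
        if not body["not_before"] <= now <= body["not_after"]:
            return "outside validity interval: " + body["subject"]
        signer_n = body["n"]  # the next certificate must be signed by this key
    return "ok"

# Constructed sample hierarchy (hypothetical names); times are plain day numbers.
KCC = keypair(521, 607)      # key certification center (root)
KCA = keypair(107, 127)      # one key certification authority
TERMINAL = keypair(61, 89)   # a user's terminal key
ROGUE = keypair(19, 31)      # key never certified by the KCC

kca_cert = issue(KCC, "KCA-1", KCA["n"], 0, 1000)
term_cert = issue(KCA, "terminal-2", TERMINAL["n"], 100, 200)
forged = issue(ROGUE, "terminal-2", TERMINAL["n"], 100, 200)

def demo():
    return [verify_chain([kca_cert, term_cert], KCC["n"], 150),   # inside the interval
            verify_chain([kca_cert, term_cert], KCC["n"], 400),   # certification lapsed
            verify_chain([kca_cert, forged], KCC["n"], 150)]      # not signed by the KCA
```
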
Specification