Secure communication setup method
First Claim
1. A method of engaging in a secure communication session with one of a plurality of remote terminals, said method comprising the steps of:
maintaining a list of approved network addresses;
obtaining a current network address for said one remote terminal;
determining whether said current network address corresponds to one of said approved network addresses;
automatically initiating a secure call setup procedure when said current network address corresponds to one of said approved network addresses;
performing a full secure call setup process when no prior secure communication session has been conducted with said one remote terminal;
performing an abbreviated secure call setup process when a prior secure communication session has been conducted with said one remote terminal;
maintaining a list in which approved user-identities are associated with approved traffic keys, said approved user-identities serving to identify at least some users of said remote terminals;
establishing a plain-text communication session with said one remote terminal;
receiving, after said automatically initiating step, a current identity from said one remote terminal;
determining whether said current identity corresponds to one of said approved user-identities from said list; and
effecting said abbreviated secure call setup process performing step when said current identity corresponds to one of said approved user-identities.
Abstract
A call is connected between secure terminals (16) through a network (12). If a network address for the call is included on an approved list (46), a secure call setup procedure (54) is performed automatically. One terminal (16) automatically sends an auto-secure signal. If the other terminal detects the auto-secure signal, secure call setup procedure (54) is performed automatically. The secure call setup procedure (54) determines a current user-identity for the opposing party. If the current user-identity corresponds to a user-identity included on an approved list (76), an abbreviated secure call setup process (80) is performed. If the current user identity is not approved, a full secure call setup process (78) is performed. The abbreviated process (80) differs from the full process (78) in that it uses a traffic key obtained from a prior secure communication session and may be performed more quickly.
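The decision flow in the abstract, as an added Python sketch that is not code from the patent. The `Terminal` and `Peer` classes, the phone numbers, the random key standing in for the full process (78) and the HMAC key-confirmation step are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

class Peer:
    """Remote terminal (constructed): an identity plus any traffic key it kept."""
    def __init__(self, identity, key=b""):
        self.identity, self.key = identity, key

    def respond(self, nonce):
        return hmac.new(self.key, nonce, hashlib.sha256).digest()

class Terminal:
    def __init__(self, approved_addresses):
        self.approved_addresses = set(approved_addresses)  # approved list (46)
        self.approved_identities = {}  # approved list (76): identity -> traffic key

    def connect(self, address, peer):
        # Calls start in plain text; only approved addresses trigger auto-secure.
        if address not in self.approved_addresses:
            return "plain-text"
        key = self.approved_identities.get(peer.identity)  # identity arrives in the clear
        if key is not None and self._confirms_key(peer, key):
            return "abbreviated"  # process (80): reuse the prior traffic key
        # Process (78). Assumption: the real full process authenticates the peer
        # and agrees a fresh key; here a random key stands in for that result.
        key = os.urandom(32)
        peer.key = key
        self.approved_identities[peer.identity] = key
        return "full"

    def _confirms_key(self, peer, key):
        # Assumption (not in the abstract): HMAC over a fresh nonce, so a claimed
        # identity alone never selects the abbreviated path.
        nonce = os.urandom(16)
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, peer.respond(nonce))

def demo():
    t = Terminal(approved_addresses={"555-0100"})  # constructed address
    alice = Peer("alice")
    return [
        t.connect("555-0199", alice),          # address not approved
        t.connect("555-0100", alice),          # first secure call
        t.connect("555-0100", alice),          # prior session exists
        t.connect("555-0100", Peer("alice")),  # right name, no key
    ]
```

The last case shows why the stored traffic key, not the plain-text identity, has to gate the abbreviated path: a peer that only claims an approved identity falls back to the full process.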
14 Claims
5. A method of engaging in a secure communication session with one of a plurality of remote terminals, said method comprising the steps of:
establishing a plain-text communication session;
detecting the receipt of an auto-secure signal from said one remote terminal;
automatically initiating a secure call setup procedure in response to said auto-secure signal;
performing a full secure call setup process when no prior secure communication session has been conducted with said one remote terminal;
performing an abbreviated secure call setup process when a prior secure communication session has been conducted with said one remote terminal;
maintaining a list in which approved user-identities are associated with approved traffic keys, said approved user-identities serving to identify at least some users of said remote terminals;
receiving, after said automatically initiating step, a current identity from said one remote terminal;
determining whether said current identity corresponds to one of said approved user-identities from said list; and
effecting said abbreviated secure call setup process performing step when said current identity corresponds to one of said approved user-identities.
7. A method of engaging in a secure communication session with one of a plurality of remote terminals, said method comprising the steps of:
detecting the receipt of an auto-secure signal from said one remote terminal;
automatically initiating a secure call setup procedure in response to said auto-secure signal;
performing said full secure call setup process when no prior secure communication session has been conducted with said one remote terminal;
performing an abbreviated secure call setup process when a prior secure communication session has been conducted with said one remote terminal;
maintaining a list in which approved user-identities are associated with approved traffic keys, said approved user-identities serving to identify at least some users of said remote terminals;
initiating a plain-text communication session with said one remote terminal;
receiving a current identity from said one remote terminal;
determining whether said current identity corresponds to one of said approved user-identities from said list; and
when said current identity corresponds to one of said approved user-identities, encrypting session data using one of said approved traffic keys that is associated in said list with one approved user-identity to which said current identity corresponds.
Specification