Method and system for checking security of data received by a computer system within a network environment
Abstract
A method for checking security of data received by a computer system within a network environment is disclosed. In accordance with a preferred embodiment of the present invention, an incoming packet from a client is first decrypted within a receiving communications adapter by utilizing a master decryption key. The decrypted incoming packet is then encrypted by utilizing an encryption key identical to an encryption key employed by the client. A determination is made as to whether or not a packet produced from the encryption is identical to the incoming packet. In response to a determination that a packet produced from the encryption is identical to the incoming packet, the decrypted incoming packet is forwarded to a system memory of the computer system. As such, any incoming packet that does not meet this criterion will be rejected as a security threat.
16 Claims
1. A method for checking security of data received by a computer system within a network environment, wherein said data is generated by a client computer system within said network environment, said method comprising the steps of:
- decrypting an incoming encrypted packet received from a client computer system by utilizing a decryption key;
- encrypting said decrypted incoming packet by utilizing an encryption key previously provided to said client computer system, wherein said encryption key is also assumed to be employed by said client computer system to encrypt said incoming encrypted packet;
- determining whether or not a packet produced by said encrypting step is identical to said incoming encrypted packet; and
- in response to a determination that a packet produced by said encrypting step is identical to said incoming encrypted packet, accepting said decrypted incoming packet.

Dependent claims: 2, 3, 4, 5, 15
6. A computer system, within a network environment, capable of checking incoming data, said computer system comprising:
- a communications adapter coupled to said network environment;
- means for decrypting an incoming encrypted packet received from a client computer system by utilizing a decryption key;
- means for encrypting said decrypted incoming packet by utilizing an encryption key previously provided to said client computer system, wherein said encryption key is also assumed to be employed by said client computer system to encrypt said incoming encrypted packet;
- means for determining whether or not a packet produced by said encrypting step is identical to said incoming encrypted packet, within said communications adapter; and
- means for accepting said decrypted incoming packet within said communications adapter, in response to a determination that a packet produced by said encrypting step is identical to said incoming packet.

Dependent claims: 7, 8, 9
10. A computer program product residing on a computer-usable medium for checking security of incoming data to a computer system within a network environment, said computer program product comprising:
- program code means for decrypting an incoming encrypted packet received from a client computer system by utilizing a decryption key;
- program code means for encrypting said decrypted incoming packet by utilizing an encryption key previously provided to said client computer system, wherein said encryption key is also assumed to be employed by said client computer system to encrypt said incoming encrypted packet;
- program code means for determining whether or not a packet produced by said encrypting step is identical to said incoming encrypted packet; and
- program code means for accepting said decrypted incoming packet, in response to a determination that a packet produced by said encrypting step is identical to said incoming encrypted packet.

Dependent claims: 11, 12, 13, 14, 16
Specification