Encryption apparatus for enabling encryption and non-encryption terminals to be connected on the same network

US 6,016,350 A
Filed: 05/09/1997
Issued: 01/18/2000
Est. Priority Date: 06/28/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A method for use in an encryption apparatus, said method comprising:

receiving service type information from a network signifying whether a sending device is a non-encryption device or an encryption device;

converting the received service type information when such information signifies an encryption device to service type information signifying a non-encryption device; and

preventing data communication with the sending device when the received service type information signifies a non-encryption device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An encryption apparatus enables encrypted communications using existing network equipment which does not have an encryption function, such as a server, a client, or a router. The encryption apparatus is connected to a section between a terminal and a network, data from the terminal is encrypted and sent to the network, data from the network is decrypted and sent to the terminal, and a connection control frame between the terminal and the network is not encrypted.

37 Citations

View as Search Results

35 Claims

1. A method for use in an encryption apparatus, said method comprising:
- receiving service type information from a network signifying whether a sending device is a non-encryption device or an encryption device;
  
  converting the received service type information when such information signifies an encryption device to service type information signifying a non-encryption device; and
  
  preventing data communication with the sending device when the received service type information signifies a non-encryption device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein said sending device is a file server.
  - 3. The method of claim 2, further comprising:
    - storing the results of said converting step in a server table.
  - 4. The method of claim 1, wherein said sending device is a client terminal.
  - 5. The method of claim 1, wherein said sending device is a router.
  - 6. The method of claim 1, wherein said preventing step includes:
    - transmitting a reply to said sending device via said network signifying that a connected device is unusable.
  - 7. The method of claim 1, wherein said preventing step includes:
    - changing a hop value for a connected device to a value which, when transmitted to said sending terminal, signifies that said connected device is unusable.
  - 8. The method of claim 1, further comprising:
    - receiving service type information from a connected device, signifying that said connected device is a non-encryption device;
      
      converting the service type information received from said connected device to signify that said connected device is an encryption device; and
      
      outputting the converted service type information for said connected device to said network.
  - 9. The method of claim 8, wherein said sending device receives the converted service type information for said connected device, and aborts a service request when the service type information for said connected device indicates an encryption device.
  - 10. The method of claim 1, further comprising:
    - receiving a data frame from a connected device;
      
      encrypting at least a portion of said data frame;
      
      sending the result of said encrypting step to said network;
      
      receiving encrypted data from said network; and
      
      decrypting said encrypted data.

11. A method for use in an encryption apparatus, said method comprising:
- storing at least one non-encryption address in a transparent processing table corresponding to a device which is not capable of decryption;
  
  receiving a control frame, including address and service type information, from a service requesting device via a network connection;
  
  comparing the address information of the control frame with entries in the transparent processing table;
  
  selectively changing the service type information of the control frame when said comparing step indicates that the address information of the control frame does not match entries in the transparent processing table; and
  
  determining whether to encrypt data for transmission to said service requesting device based on the service type information output by said selective changing step.
- View Dependent Claims (12, 13)
- - 12. The method of claim 11, wherein said service requesting device is a base server connected via a network to terminal which does not have encryption capability.
  - 13. The method of claim 11, further comprising:
    - storing server information related to a server for which encryption is not required.

14. A method for use in an encryption apparatus, said method comprising:
- receiving server information from a connected device signifying a hop number for the connected device;
  
  incrementing the hop number for the connected device; and
  
  transmitting the incremented hop number to a remote device via a network connection;
  
  wherein, based on the incremented hop number, a service requesting device without decryption capability avoids selecting the connected device.
- View Dependent Claims (15, 16)
- - 15. The method of claim 14, wherein the connected device is a server with encryption capability.
  - 16. The method of claim 14, wherein said requesting device is a client terminal without encryption capability.

17. An apparatus for implementing an encryption scheme, said apparatus comprising:
- a network side receiving section for receiving service type information from a network signifying whether a sending device is a non-encryption device or an encryption device;
  
  conversion means for converting the received service type information when such information signifies an encryption device to service type information signifying a non-encryption device; and
  
  means for preventing data communication with the sending device when the received service type information signifies a non-encryption device.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 18. An encryption apparatus according to claim 17, wherein said encryption apparatus is applied in bus type or ring type LAN (local area network) or WAN (wide area network).
  - 19. The apparatus of claim 17, wherein said sending device is a file server.
  - 20. The apparatus of claim 19, further comprising:
    - a server table for storing the results of said conversion means.
  - 21. The apparatus of claim 17, wherein said sending device is a client terminal.
  - 22. The apparatus of claim 17, wherein said sending device is a router.
  - 23. The apparatus of claim 17, wherein said means for preventing transmits a reply to said sending device via said network signifying that a connected device is unusable.
  - 24. The apparatus of claim 17, wherein said means for preventing changes a hop value for a connected device to a value which, when transmitted to said sending terminal, signifies that said connected device is unusable.
  - 25. The apparatus of claim 17, further comprising:
    - a terminal side receiving section for receiving service type information from a connected device, signifying that said connected device is a non-encryption device, said conversion means converting the service type information received from said connected device to signify that said connected device is an encryption device; and
      
      output means for outputting the converted service type information for said connected device to said network.
  - 26. The apparatus of claim 25, wherein said sending device receives the converted service type information for said connected device, and aborts a service request when the service type information for said connected device indicates an encryption device.
  - 27. The apparatus of claim 17, further comprising:
    - a terminal side receiving section for receiving a data frame from a connected device;
      
      encryption means for encrypting at least a portion of said data frame;
      
      output means for sending the result of said encryption means to said network; and
      
      decryption means for decrypting encrypted data received from said network.

28. An apparatus for implementing an encryption scheme, said apparatus comprising:
- a transparent processing table storing at least one non-encryption address corresponding to a device which is not capable of decryption;
  
  a network side receiving section for receiving a control frame, including address and service type information, from a service requesting device via a network connection;
  
  a processing section for comparing the address information of the received control frame with entries in said transparent processing table and selectively changing the service type information of the control frame when the address information of the control frame does not match entries in said transparent processing table; and
  
  encryption means for selectively encrypting data for transmission to said service requesting device based on the service type information output by said processing section.
- View Dependent Claims (29, 30, 31)
- - 29. An encryption apparatus according to claim 28, wherein said encryption apparatus is applied in bus type or ring type LAN (local area network) or WAN (wide area network).
  - 30. The apparatus of claim 28, wherein said service requesting device is a base server connected via a network to terminal which does not have encryption capability.
  - 31. The apparatus of claim 28, further comprising:
    - a server table storing server information related to a server for which encryption is not required.

32. An apparatus for implementing an encryption scheme, said apparatus comprising:
- a processing section for receiving server information from a connected device signifying a hop number for the connected device and incrementing the hop number for the connected device; and
  
  a network side transmitting section for transmitting the incremented hop number to a remote device via a network connection;
  
  wherein, based on the incremented hop number, a service requesting device without decryption capability avoids selecting the connected device.
- View Dependent Claims (33, 34, 35)
- - 33. An encryption apparatus according to claim 32, wherein said encryption apparatus is applied in bus type or ring type LAN (local area network) or WAN (wide area network).
  - 34. The apparatus of claim 32, wherein the connected device is a server with encryption capability.
  - 35. The apparatus of claim 32, wherein said requesting device is a client terminal without encryption capability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mitsubishi Denki Kabushiki Kaisha (Mitsubishi Electric Corporation)
Original Assignee
Mitsubishi Denki Kabushiki Kaisha (Mitsubishi Electric Corporation)
Inventors
Koui, Yuuji, Funabe, Chieko, Baba, Yoshimasa, Seno, Shoichiro
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
Myhre, James W.

Application Number

US08/853,919
Time in Patent Office

984 Days
Field of Search

380/49, 380/215.6, 380/215.7, 380/215.8, 380/224.4, 380/42, 380/45
US Class Current

713/153
CPC Class Codes

H04L 63/04 for providing a confidentia...

H04L 9/40 Network security protocols

Encryption apparatus for enabling encryption and non-encryption terminals to be connected on the same network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

37 Citations

35 Claims

Specification

Use Cases

Quick Links

Others

Encryption apparatus for enabling encryption and non-encryption terminals to be connected on the same network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

35 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others