Apparatus and methods for transmission security in a computer network
First Claim
1. A method for validating a message packet communicated from a source node to a destination node in a computer network, the source node and destination node having access to a clock mechanism synchronized with a common time frame, the method comprising:
- (a) generating a first security key using a time reference obtained from said clock mechanism and a password known by said source node and said destination node;
(b) communicating said first security key with a message packet from said source node to said destination node;
(c) when said first security key and said message packet are received by said destination node, generating a second security key using said password and said time reference and comparing said second security key with said first security key; and
(d) discarding said message packet if said second security key does not correspond with said first security key.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for validating a message packet communicated from a source node to a destination node in a computer network is disclosed. The source node and destination node have access to a clock mechanism synchronized with a common time frame. The method comprises generating a first security key using a time reference obtained from the clock mechanism and a password known by the source node and destination node, communicating the first security key with a message packet from the source node to the destination node, and when the first security key and message packet are received by the destination node, generating a second security key using the password and the time reference and comparing the second security key with the first security key. The message packet is discarded if the second security key does not correspond with the first security key.
In another aspect of the invention, the method further comprises communicating a first time reference obtained from the clock mechanism with a message packet, and when the first time reference and message packet are received by the destination node, comparing the first time reference with a second time reference obtained from the clock mechanism. The message packet is discarded if the time difference between the first time reference and the second time reference is greater than a predetermined amount of time. The predetermined amount of time may be based on a calculated normal packet transmission delay.
70 Citations
14 Claims
-
1. A method for validating a message packet communicated from a source node to a destination node in a computer network, the source node and destination node having access to a clock mechanism synchronized with a common time frame, the method comprising:
-
(a) generating a first security key using a time reference obtained from said clock mechanism and a password known by said source node and said destination node; (b) communicating said first security key with a message packet from said source node to said destination node; (c) when said first security key and said message packet are received by said destination node, generating a second security key using said password and said time reference and comparing said second security key with said first security key; and (d) discarding said message packet if said second security key does not correspond with said first security key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 12, 13, 14)
-
- 9. A computer network comprising a plurality of communicatively interconnected components represented by nodes, wherein a message packet communicated from a source node to a destination node includes a first security key generated using a password and a time reference, and wherein said destination node generates a second security key using said password and said time reference and compares said second security key with said first security key, said destination node discarding the message packet if said second security key does not correspond with said first security key.
Specification
-
- Resources
-
Current AssigneeGlenayre Electronics Incorporated (EDCI Holdings Incorporated)
-
Original AssigneeGlenayre Electronics Incorporated (EDCI Holdings Incorporated)
-
InventorsGodoroja, Andrei, Fawcett, Glenn S., Tosey, Joseph P. R.
-
Primary Examiner(s)Peeso, Thomas R.
-
Application NumberUS08/893,529Time in Patent Office963 DaysField of Search713/160, 713/161, 713/178, 713/171, 713/200, 713/201, 380/36, 380/278, 380/283US Class Current726/3CPC Class CodesG06F 21/606 by securing the transmissio...H04L 41/082 the condition being updates...H04L 41/0853 by actively collecting conf...H04L 41/0856 by backing up or archiving ...H04L 41/0896 Bandwidth or capacity manag...H04L 45/02 Topology update or discoveryH04L 45/16 Multipoint routingH04L 47/10 Flow control; Congestion co...H04L 47/12 Avoiding congestion; Recove...H04L 47/263 Rate modification at the so...H04L 47/28 in relation to timing consi...H04L 47/37 Slow startH04L 63/0442 wherein the sending and rec...H04L 63/0807 using tickets, e.g. Kerbero...H04L 63/083 using passwords cryptograph...H04L 63/123 received data contents, e.g...H04L 67/62 Establishing a time schedul...H04L 69/329 in the application layer [O...H04L 9/40 Network security protocolsH04W 12/06 AuthenticationView All
