Method and apparatus for providing off-line secure communications
Abstract
A method and apparatus for providing off-line secure communications is accomplished when an end-user is on-line with a security information repository and transmits a request for security information relating to at least one targeted communication entity. The targeted communication entity may be another end-user that has sent the present end-user an encrypted message or another end-user that will receive an encrypted message from the present end-user. In response to the request, the present end-user subsequently receives the security information and updates a local security information repository (e.g., cache memory) with the security information related to the at least one targeted communication entity. Having updated the local security information repository, the current end-user goes off-line from the security information repository. While off-line, the current end-user confidently processes a secure communication with the at least one targeted communication entity based on the security information that is stored in the local security information repository.
29 Claims
1. A method for providing off-line secure communications, the method comprises the steps of:
a) while on-line with a security information repository, and in response to a determination that an entity is going off-line, transmitting, to the security information repository, a request for security information relating to at least one targeted communication entity;
b) receiving the security information relating to the at least one targeted communication entity;
c) updating a local security information repository with the security information relating to the at least one targeted communication entity;
d) while off-line from the security information repository, processing a communication with the at least one targeted communication entity based on the security information.
Dependent claims: 2, 3, 4, 5, 6
i) verifying the security information is within a validity period;
ii) verifying that the security information was signed by a trusted party;
iii) determining that the trusted party is not identified in an authority revocation list;
iv) determining that a certificate of the at least one target communication entity is not identified in a certificate revocation list;
v) determining appropriate key usage of the security information; and
vi) determining policy compliance of the processing of the communication.
6. The method of claim 1 further comprises, within step (d), processing the communication by at least one of: verifying signature of data, decrypting data, signing data, and encrypting data.
7. A method for providing off-line secure communications, the method comprises the steps of:
a) while on-line with a security information repository, receiving the security information relating to the at least one targeted communication entity from the security information repository in response to determining that an entity is going off-line;
b) storing the security information relating to the at least one targeted communication entity; and
c) while off-line from the security information repository, processing a communication with the at least one targeted communication entity based on the security information.
Dependent claims: 8, 9, 10, 11
12. A method for providing off-line secure communications, the method comprises the steps of:
a) determining that an entity is going off-line;
b) determining, by the security information repository, security information of at least one targeted communication entity when the entity is going off-line, wherein the at least one targeted communication entity is a participant in a communication with the entity;
c) transmitting, by the security information repository, the security information to the entity prior to the entity going off-line;
d) updating, by the entity, a local security information repository with the security information; and
e) while off-line from the security information repository, processing, by the entity, the communication with the at least one targeted communication entity based on the security information.
Dependent claims: 13, 14, 15, 16
17. A digital information storage device that stores programming instructions that, when read by a processing unit, causes the processing unit to process off-line secure communication services, the digital information storage device comprises:
first means for storing programming instructions that, when read by the processing unit, causes the processing unit to receive the security information relating to the at least one targeted communication entity from the security information repository while on-line with a security information repository in response to determining that an entity is going off-line;
second means for storing programming instructions that, when read by the processing unit, causes the processing unit to store the security information relating to the at least one targeted communication entity; and
third means for storing programming instructions that, when read by the processing unit, causes the processing unit to process a communication with the at least one targeted communication entity based on the security information while off-line from the security information repository.
Dependent claims: 18, 19, 20, 21, 22, 23
i) verifying the security information is within a validity period;
ii) verifying that the security information was signed by a trusted party;
iii) determining that the trusted party is not identified in an authority revocation list;
iv) determining that a certificate of the at least one target communication entity is not identified in a certificate revocation list;
v) determining appropriate key usage of the security information; and
vi) determining policy compliance of the processing of the communication.
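Checks i) to vi), listed in the method claims and again in the storage-device claims above, can be run entirely against the local security information repository once the entity is off-line. The sketch below is an added example, not part of the patent text: all class, function and field names are hypothetical, the sample data is constructed, and HMAC-SHA256 stands in for the trusted party's public-key signature.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class SecurityInfo:  # hypothetical cached record for one targeted entity
    subject: str
    serial: int
    issuer: str
    not_before: int  # epoch seconds
    not_after: int
    key_usage: frozenset  # operations the key may be used for
    signature: bytes = b""
    def tbs(self) -> bytes:  # the bytes the trusted party signs
        return repr((self.subject, self.serial, self.issuer, self.not_before,
                     self.not_after, sorted(self.key_usage))).encode()

def sign(key: bytes, data: bytes) -> bytes:  # stand-in: HMAC, not a real signature
    return hmac.new(key, data, hashlib.sha256).digest()

@dataclass
class LocalRepository:  # the local cache, filled while on-line
    trusted: dict  # issuer name -> verification key
    arl: set       # issuers on the authority revocation list
    crl: set       # (issuer, serial) pairs on the certificate revocation list
    policy: set    # operations local policy permits
    entries: dict  # subject -> SecurityInfo

def offline_failures(repo, subject, operation, now):
    """Run checks i) to vi) on the cache; an empty list means proceed."""
    info = repo.entries.get(subject)
    if info is None:
        return ["not cached"]
    key = repo.trusted.get(info.issuer)
    checks = [
        ("validity period", info.not_before <= now <= info.not_after),
        ("signature", key is not None and hmac.compare_digest(
            sign(key, info.tbs()), info.signature)),
        ("authority revoked", info.issuer not in repo.arl),
        ("certificate revoked", (info.issuer, info.serial) not in repo.crl),
        ("key usage", operation in info.key_usage),
        ("policy", operation in repo.policy),
    ]
    return [name for name, ok in checks if not ok]

def sample_repo():  # constructed sample data, not from the patent
    key = b"demo-ca-key"
    bob = SecurityInfo("bob", 7, "DemoCA", 1000, 2000, frozenset({"encrypt", "verify"}))
    bob = replace(bob, signature=sign(key, bob.tbs()))
    return LocalRepository({"DemoCA": key}, set(), set(), {"encrypt", "verify"}, {"bob": bob})
```

An entity that was never requested before going off-line yields `["not cached"]`, which is why the request step has to cover every targeted communication entity in advance.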
24. A digital information storage device that stores programming instructions that, when read by at least one processing unit, causes the at least one processing unit to process off-line secure communication services, the digital information storage device comprises:
first means for storing programming instructions that, when read by the at least one processing unit, causes the at least one processing unit to function as a security information repository to determine that an entity is going off-line;
second means for storing programming instructions that, when read by the at least one processing unit, causes the at least one processing unit to function as the security information repository to determine security information of at least one targeted communication entity when the entity is going off-line, wherein the at least one targeted communication entity is a participant in a communication with the entity; and
third means for storing programming instructions that, when read by the at least one processing unit, causes the at least one processing unit to function as the security information repository to transmit the security information to the entity prior to the entity going off-line.
Dependent claims: 25, 26, 27, 28, 29
Specification