System, method and computer program product for secure communications using a security service provider manager

US 6,757,822 B1
Filed: 05/31/2000
Issued: 06/29/2004
Est. Priority Date: 05/31/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method for managing the use of a plurality of security service providers during network communication, comprising the steps of:

(a) utilizing a first security service provider for affording secure communication between applications using a network;

(b) detecting an event relating to the secure communication between the applications; and

(c) selecting a second security service provider for affording secure communication between the applications using the network in response to the detection of the event;

wherein the second security service provider is executed on a host different from that of the first security service provider;

wherein use of the first security service provider is discontinued in response to the detection of the event;

wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and computer program product are provided for managing the use of a plurality of security service providers during network communication. A first security service provider is utilized for affording secure communication between applications using a network. During operation, the system is monitored for events relating to the secure communication between the applications. Upon the detection of an event, a second security service provider is utilized for affording secure communication between the applications using the network.

116 Citations

30 Claims

1. A method for managing the use of a plurality of security service providers during network communication, comprising the steps of:
- (a) utilizing a first security service provider for affording secure communication between applications using a network;
  
  (b) detecting an event relating to the secure communication between the applications; and
  
  (c) selecting a second security service provider for affording secure communication between the applications using the network in response to the detection of the event;
  
  wherein the second security service provider is executed on a host different from that of the first security service provider;
  
  wherein use of the first security service provider is discontinued in response to the detection of the event;
  
  wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 30)
- - 2. The method as recited in claim 1, wherein the event is a security-related event.
  - 3. The method as recited in claim 2, wherein the security-related event includes a run-time error.
  - 4. The method as recited in claim 2, wherein the security-related event includes an intrusion by a hacker.
  - 5. The method as recited in claim 1, and further comprising the step of generating a notification in response to the detection of the event.
  - 6. The method as recited in claim 1, wherein an address space of the applications is different from that of the security service providers.
  - 7. The method as recited in claim 1, wherein a host on which each of the applications is executed is different from a host on which each of the security service providers is executed.
  - 8. The method as recited in claim 1, wherein the secure communication between the applications is facilitated by at least one network provider.
  - 30. The method as recited in claim 1, wherein the second security service provider provides a first type of encryption including data encryption standard (DES) encryption that is different from an RSA encryption that is provided by the first security service provider.

9. A computer program product for managing the use of a plurality of security service providers during network communication, comprising:
- (a) computer code for utilizing a first security service provider for affording secure communication between applications using a network;
  
  (b) computer code for detecting an event relating to the secure communication between the applications; and
  
  (c) computer code for selecting a second security service provider for affording secure communication between the applications using the network in response to the detection of the event;
  
  wherein the second security service provider is executed on a host different from that of the first security service provider wherein use of the first security service provider is discontinued in response to the detection of the event;
  
  wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer program product as recited in claim 9, wherein the event is a security-related event.
  - 11. The computer program product as recited in claim 10, wherein the security-related event includes a run-time error.
  - 12. The computer program product as recited in claim 10, wherein the security-related event includes an intrusion by a hacker.
  - 13. The computer program product as recited in claim 9, and further comprising computer code for generating a notification in response to the detection of the event.
  - 14. The computer program product as recited in claim 9, wherein an address space of the applications is different from that of the security service providers.
  - 15. The computer program product as recited in claim 9, wherein a host on which each of the applications is executed is different from a host on which each of the security service providers is executed.
  - 16. The computer program product as recited in claim 9, wherein the secure communication between the applications is facilitated by at least one network provider.

17. A security provider management system for managing the use of a plurality of security service providers during network communication, comprising:
- (a) logic for utilizing a first security service provider for affording secure communication between applications using a network;
  
  (b) logic for detecting an event relating to the secure communication between the applications; and
  
  (c) logic for selecting a second security service provider for affording secure communication between the applications using the network in response to the detection of the event;
  
  wherein the second security service provider is executed on a host different from that of the first security service provider;
  
  wherein use of the first security service provider is discontinued in response to the detection of the event;
  
  wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.

18. A method for establishing secure communication over a network using a plurality of security service providers, comprising the steps of:
- (a) receiving an indication that communication is to be established on a network between a first application and a second application;
  
  (b) choosing at least one of a plurality of security service providers for affording secure communication between the first application and the second application utilizing the network; and
  
  (c) utilizing the chosen security service provider for affording secure communication between the first application and the second application utilizing the network;
  
  wherein a first security service provider is executed on a host different from that of a second security service provider;
  
  wherein use of the first security service provider is discontinued in response to the detection of an event;
  
  wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The method as recited in claim 18, wherein the at least one security service provider is chosen by exchanging a set of acceptable security service providers between the first application and the second application utilizing the network, and choosing at least one of the security service providers from the set.
  - 20. The method as recited in claim 19, wherein the at least one security service provider is chosen based on whether it is acceptable to both the first application and the second application.
  - 21. The method as recited in claim 18, wherein the at least one security service provider is chosen based on security requirements associated with the secure communication between the first application and the second application.
  - 22. The method as recited in claim 18, wherein each of the security service providers are utilized for affording secure communication between the first application and the second application using a separate network connection.
  - 23. The method as recited in claim 18, wherein each of the security service providers are utilized for affording secure communication between the first application and the second application using a separate network provider.

24. A computer program product for establishing secure communication over a network using a plurality of security service providers, comprising:
- (a) computer code for receiving an indication that communication is to be established on a network between a first application and a second application;
  
  (b) computer code for choosing at least one of a plurality of security service providers for affording secure communication between the first application and the second application utilizing the network; and
  
  (c) computer code for utilizing the chosen security service provider for affording secure communication between the first application and the second application utilizing the network;
  
  wherein a first security service provider is executed on a host different from that of a second security service provider;
  
  wherein use of the first security service provider is discontinued in response to the detection of an event;
  
  wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
- View Dependent Claims (25, 26, 27, 28, 29)
- - 25. The computer program product as recited in claim 24, wherein the at least one security service provider is chosen by exchanging a set of acceptable security service providers between the first application and the second application utilizing the network, and choosing at least one of the security service providers from the set.
  - 26. The computer program product as recited in claim 25, wherein the at least one security service provider is chosen based on whether it is acceptable to both the first application and the second application.
  - 27. The computer program product as recited in claim 24, wherein the at least one security service provider is chosen based on security requirements associated with the secure communication between the first application and the second application.
  - 28. The computer program product as recited in claim 24, wherein each of the security service providers are utilized for affording secure communication between the first application and the second application using a separate network connection.
  - 29. The computer program product as recited in claim 24, wherein each of the security service providers are utilized for affording secure communication between the first application and the second application using a separate network provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, Inc. (McAfee, LLC), NVIDIA Corporation
Original Assignee
Networks Associates Technology, Inc. (McAfee, LLC)
Inventors
Feiertag, Richard J., Rho, Jaisook, Cohen, Eve L., Redmond, Timothy, Thomas, Roshan, Rosset, Sebastien T.
Primary Examiner(s)
Barrön, Gilberto
Assistant Examiner(s)
Dinh, Minh

Application Number

US09/586,558
Time in Patent Office

1,490 Days
Field of Search

713/151, 713/152, 713/153, 713/200, 713/201, 709/224-25, 709/227-29
US Class Current

713/152
CPC Class Codes

H04L 63/1408 by monitoring network traff...

H04L 63/1441 Countermeasures against mal...

System, method and computer program product for secure communications using a security service provider manager

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

116 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

System, method and computer program product for secure communications using a security service provider manager

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

116 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links