Network system and method for secure communication service
Abstract
A network system providing a secure service facility has central control & management equipment to enable unified key management. The network includes a plurality of pieces of switching equipment and central control & management equipment, each of which includes an encryption section. The encryption section of the central management & control equipment encrypts (a) a public key of the switching equipment of a called party (i.e. terminating switching equipment) and (b) a common key for encrypting messages to be transferred between switching equipment. This is carried out each time a call requesting secure communication is originated. The encrypted keys are then delivered to the switching equipment of a calling party (i.e. originating switching equipment). The central management & control equipment maintains the public keys of any switching equipment in a database.
4 Claims
1. A network system providing secure communication services, comprising:
- a plurality of pieces of switching equipment, being connected to each other through a public network, and accommodating data terminals; and
- central management and control equipment connected to the plurality of pieces of switching equipment through a separate network different from the public network,
- wherein the central management and control equipment includes a database storing a plurality of sets of a public key and a private key, each assigned to a piece of switching equipment,
- a first piece of switching equipment, accommodating a data terminal of a calling party, encrypts a dial number of a called party and a user number of the first piece of switching equipment by using a public key, which is used between the first piece of switching equipment and the central management and control equipment, and transmits the encrypted dial number and user number to the central management and control equipment via the separate network,
- the central management and control equipment decrypts the transmitted dial number and user number, retrieves a public key of a second piece of switching equipment accommodating a data terminal of the called party corresponding to the decrypted dial number and a common key, which is used between the first and second pieces of switching equipment, encrypts the retrieved public key of the second piece of switching equipment and the common key, which is used between the first and second pieces of switching equipment, by using a public key of the first piece of switching equipment, and sends the encrypted public key and common key to the first piece of switching equipment via the separate network,
- the first piece of switching equipment decrypts the public key and common key sent from the central management and control equipment, encrypts the decrypted common key, which is used between the first and second pieces of switching equipment, by using the public key of the second piece of switching equipment and sends the encrypted common key to the second piece of switching equipment via the public network, and
- the second piece of switching equipment decrypts the encrypted common key sent from the first piece of switching equipment by a private key of the second piece of switching equipment, so that the common key can be used to perform secure communication between the first and second pieces of switching equipment.
3. A method for providing secure communication services in a network system having a plurality of pieces of switching equipment, being connected to each other through a public network, and accommodating data terminals, and central management and control equipment connected to the plurality of pieces of switching equipment through a separate network different from the public network, the method comprising the steps of:
- in a database provided at the central management and control equipment, storing a plurality of sets of a public key and a private key, each assigned to a piece of switching equipment;
- from a first piece of switching equipment accommodating a data terminal of a calling party, encrypting a dial number of a called party and a user number of the first piece of switching equipment by using a public key, which is used between the first piece of switching equipment and the central management and control equipment, and transmitting the encrypted dial number and user number to the central management and control equipment via the separate network;
- in the central management and control equipment, decrypting the transmitted dial number and user number, retrieving a public key of a second piece of switching equipment accommodating a data terminal of the called party corresponding to the decrypted dial number and a common key, which is used between the first and second pieces of switching equipment, encrypting the retrieved public key of the second piece of switching equipment and the common key, which is used between the first and second pieces of switching equipment, by using a public key of the first piece of switching equipment, and sending the encrypted public key and common key to the first piece of switching equipment;
- by the first piece of switching equipment, decrypting the public key and common key sent from the central management and control equipment, encrypting the decrypted common key, which is used between the first and second pieces of switching equipment, by using the public key of the second piece of switching equipment, and sending the encrypted common key to the second piece of switching equipment via the public network; and
- by the second piece of switching equipment, decrypting the encrypted common key sent from the first piece of switching equipment by a private key of the second piece of switching equipment, so that the common key can be used to perform secure communication between the first and second pieces of switching equipment.
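The key-delivery sequence recited in claims 1 and 3, traced end to end as an added example (not code from the patent). Assumptions: toy unpadded RSA over constructed Mersenne-prime moduli stands in for the unnamed public-key algorithm, a SHA-256 keystream stands in for the common-key cipher, the "public key used between the first switch and the center" is modelled as the center's own key pair, and all names (`SW-A`, `SW-B`, `5550142`, `run_call`) are hypothetical.

```python
import hashlib, secrets

E = 65537

def keypair(a, b):
    # Toy RSA key set from Mersenne primes 2**a-1 and 2**b-1 (constructed, far too weak for real use).
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def enc(pub, data):
    m = int.from_bytes(b"\x01" + data, "big")   # 0x01 marker preserves leading zero bytes
    assert m < pub[0], "message too long for this toy modulus"
    return pow(m, pub[1], pub[0])

def dec(priv, c):
    m = pow(c, priv[1], priv[0])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]

def stream(key, data):
    # Stand-in symmetric cipher (SHA-256 counter keystream XOR); the claims name no algorithm.
    ks = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in range(len(data) // 32 + 1))
    return bytes(x ^ y for x, y in zip(data, ks))

# Central management and control equipment: database of key sets, routing and common keys.
CENTER_PUB, CENTER_PRIV = keypair(61, 127)
DB = {"SW-A": keypair(521, 607), "SW-B": keypair(89, 107)}   # user number -> (public, private)
ROUTE = {"5550142": "SW-B"}                                   # dial number -> terminating switch
COMMON = {("SW-A", "SW-B"): secrets.token_bytes(16)}          # common key per switch pair

def center_handle(request):
    dial, user = dec(CENTER_PRIV, request).decode().split("|")
    callee = ROUTE[dial]
    n_b = DB[callee][0][0].to_bytes(25, "big")
    return enc(DB[user][0], n_b + COMMON[(user, callee)])     # sealed to the originating switch

def run_call(dial="5550142", user="SW-A", payload=b"secure call data"):
    priv_a, priv_b = DB[user][1], DB[ROUTE[dial]][1]          # assumed provisioned to each switch
    # 1. Originating switch -> center (separate network): encrypted dial number and user number.
    request = enc(CENTER_PUB, f"{dial}|{user}".encode())
    # 2. Center -> originating switch: callee public key and common key under A's public key.
    reply = dec(priv_a, center_handle(request))
    pub_b, common_a = (int.from_bytes(reply[:25], "big"), E), reply[25:]
    # 3. Originating -> terminating switch (public network): common key under B's public key.
    common_b = dec(priv_b, enc(pub_b, common_a))
    # 4. Both switches now hold the common key and protect traffic with it.
    wire = stream(common_a, payload)
    return common_a, common_b, wire, stream(common_b, wire)
```

Only step 3 crosses the public network; the request and the center's reply travel on the separate management network.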
Specification