Method and apparatus to establish routes based on the trust scores of routers within an IP routing domain

US 7,733,804 B2
Filed: 01/17/2007
Issued: 06/08/2010
Est. Priority Date: 11/29/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method for selecting a second router as part of a path from a first router to a destination, comprising:

identifying every router that is part of a network including the first router;

identifying an integrity/trust score for each identified router;

computing a path integrity/trust score between the first router and the destination for each of at least two paths between the first router and the destination, wherein computing the path integrity/trust score includes;

computing a highest average integrity/trust score for the routers along each of the at least two paths;

computing a highest minimum integrity/trust score for the routers along each of the at least two paths; and

computing a highest total integrity/trust score for the routers along each of the at least two paths;

selecting the second router from the identified routers along one of the at least two paths based on at least one of the highest average integrity/trust score, the highest minimum integrity/trust score, and the highest total integrity/trust score computed for each of the at least two paths; and

transmitting data from the first router to the second router.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A router includes a management module and a routing module. The routing module can be used to route data around a network. The management module can be used to manage the operation of the routing module, including generating an integrity report for the router, which can be used to generate a trust report for the router. The trust report can include an integrity/trust score for the router. The management module can control the routing module via a secure control interface.

Citations

10 Claims

1. A method for selecting a second router as part of a path from a first router to a destination, comprising:
- identifying every router that is part of a network including the first router;
  
  identifying an integrity/trust score for each identified router;
  
  computing a path integrity/trust score between the first router and the destination for each of at least two paths between the first router and the destination, wherein computing the path integrity/trust score includes;
  
  computing a highest average integrity/trust score for the routers along each of the at least two paths;
  
  computing a highest minimum integrity/trust score for the routers along each of the at least two paths; and
  
  computing a highest total integrity/trust score for the routers along each of the at least two paths;
  
  selecting the second router from the identified routers along one of the at least two paths based on at least one of the highest average integrity/trust score, the highest minimum integrity/trust score, and the highest total integrity/trust score computed for each of the at least two paths; and
  
  transmitting data from the first router to the second router.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A method according to claim 1, wherein:
    - identifying every router that is part of a network includes identifying at least one neighbor router as part of the network including the first router, where the neighbor routers are neighbors of the first router; and
      
      selecting the second router from the identified routers includes selecting as the second router the neighbor router with a highest integrity/trust score.
  - 3. A method according to claim 1, whereinselecting the second router includes:
    - identifying a path from among the at least two paths with a best path integrity/trust score; and
      
      selecting as the second router a neighbor router of the first router along the identified path.
  - 4. A method according to claim 3, wherein identifying the path with the best path integrity/trust score includes identifying the path with the highest average integrity/trust score for the routers along said path.
  - 5. A method according to claim 3, wherein identifying the path with the best path integrity/trust score includes identifying the path with the highest minimum integrity/trust score for the routers along said path.

6. An article comprising a non-transitory storage-readable medium having associated data that, when executed by a machine, results in a machine:
- identifying every router that is a part of a network including a first router;
  
  identifying an integrity/trust score for each identified router;
  
  computing a path integrity/trust score between the first router and a destination for each of at least two paths between the first router and the destination, wherein computing the path integrity/trust score includes;
  
  computing a highest average integrity/trust score for the routers along each of the at least two paths;
  
  computing a highest minimum integrity/trust score for the routers along each of the at least two paths; and
  
  computing a highest total integrity/trust score for the routers along each of the at least two paths;
  
  selecting a second router from the identified routers along one of the at least two paths based on at least one of the highest average integrity/trust score router, the highest minimum integrity/trust score, and the highest total integrity/trust score computed for each of the at least two paths; and
  
  transmitting data from the first router to the second router.
- View Dependent Claims (7, 8, 9, 10)
- - 7. An article according to claim 6, wherein:
    - identifying every router that is part of a network includes identifying at least one neighbor router as part of the network including the first router, where the neighbor routers are neighbors of the first router; and
      
      selecting the second router from the identified routers includes selecting as the second router the neighbor router with a highest integrity/trust score.
  - 8. An article according to claim 6, whereinselecting the second router includes:
    - identifying a path from among the at least two paths with a best path integrity/trust score; and
      
      selecting as the second router a neighbor router of the first router along the identified path.
  - 9. An article according to claim 8, wherein identifying the path with the best path integrity/trust score includes identifying the path with the highest average integrity/trust score for the routers along said path.
  - 10. An article according to claim 8, wherein identifying the path with the best path integrity/trust score includes identifying the path with the highest minimum integrity/trust score for the routers along said path.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
KIP Sign P1 LP
Original Assignee
SignaCert, Inc. (L3Harris Technologies, Inc.)
Inventors
Starnes, William Wyatt, Hardjono, Thomas Parasu, Andersen, Bradley Douglas, Bleckmann, David Maurits
Primary Examiner(s)
Shah, Chirag G
Assistant Examiner(s)
Thompson, Jr., Otis L

Application Number

US11/624,001
Publication Number

US 20070180495A1
Time in Patent Office

1,238 Days
Field of Search

None
US Class Current

370/254
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/0876   based on the identity of th...

H04L 63/1433   Vulnerability analysis

H04W 12/069   using certificates or pre-s...

H04W 12/122   Counter-measures against at...

Method and apparatus to establish routes based on the trust scores of routers within an IP routing domain

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus to establish routes based on the trust scores of routers within an IP routing domain

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links